Hunting with Suricata (Network Security Monitoring) - Seattle, WA
Suricata is a high-performance Network IDS, IPS and Network Security Monitoring engine sought after around the world. Open-source and managed by a community, Suricata is a part of the non-profit foundation; the Open Information Security Foundation (OISF). OISF’s mission is to remain on the leading edge of open source IDS/IPS development by welcoming in open source technologies looking for a community to support them. Suricata can show you things about your network you haven't seen before. More than just an IDS/IPS, Suricata can provide the visibility to solve incidents quickly and more accurately by enabling context before, during, and after an alert. In our 2-day training classes, we will teach the skills required by network security analysts and incident responders to protect and respond to threats in the network(s) day to day. What to expect? Defending your network starts with understanding your traffic. More than just an IDS/IPS, Suricata can provide the visibility to solve incidents quickly and more accurately by enabling context before, during, and after an alert. In this brand-new course, attendees will learn the skills required to identify, respond and protect against threats in their network day to day as well as identify new threats through structured data aggregation and analysis. Hands-on labs consisting of real-world malware and network traffic will reinforce course concepts while utilizing the latest Suricata features. Come and see what you've been missing in your network and unlock the full potential of network security, detection, and response with Threat Hunting with Suricata. What will be covered? Here's a sample: Identify key strategies for network security architecture and visibility Learn the fundamentals of rule-writing and rule comprehension Understand how to managing rule sources and create effective rulesets Develop methods for establishing network baselines Recognize traffic anomalies Use Suricata to capture network traffic and replay PCAPS Utilize log aggregation and shipping services to build a complete picture Perform traffic analysis and create visualizations with Kibana Develop a custom network sensor with Suricata and ELK Analyze suspicious traffic to determine maliciousness Learn how to pivot off of key attack indicators using threat intelligence Analyze true positive and false positive alerts Leveraging rules specifically for threat hunting Deploying honey tokens Prerequisites for the class: Being able to import and run a VM (2CPU / 6GB RAM) on your laptop Basic understanding of IDS/IPS/NSM principles Networking, TCP/IP Linux command line Who should attend: Security Administrators Enterprise Defenders Incident Responders Security Operations Specialists Security Analysts Malware Analysts Network Engineers Net proceeds from this and all OISF's training events go directly to funding Suricata's development and OISF's mission to support open source security technologies. OISF is a 501c(3) U.S. non-profit. For questions about this event or about becoming a member of the OISF community please contact us at email@example.com.
10604 Northeast 38th Place
Kirkland, WA 98033
More Event Ideas
What can we do for you?
Thank you for your input. Please fill out the form below and provide as much information as possible about updates to this event or venue.