$2,123.38

Hunting with Suricata (Network Security Monitoring) @ SuriCon

Location

Beurs van Berlage

243 Damrak

1012 ZJ Amsterdam

Netherlands

Refund Policy

No Refunds

Event description

Suricata is a high-performance network IDS, IPS and Network Security Monitoring (NSM) engine used around the world. It is open source and community-driven, and is maintained under the non-profit Open Information Security Foundation (OISF). OISF's mission is to remain on the leading edge of open source IDS/IPS development by welcoming open source technologies that are looking for a community to support them.

Suricata can show you things about your network you haven't seen before. More than just an IDS/IPS, Suricata provides the visibility to resolve incidents quickly and more accurately by supplying context before, during, and after an alert. In our 2-day training classes, we teach the skills network security analysts and incident responders need to protect their networks and respond to threats day to day.


What to expect?

Defending your network starts with understanding your traffic. More than just an IDS/IPS, Suricata provides the visibility to resolve incidents quickly and more accurately by supplying context before, during, and after an alert. In this brand-new course, attendees will learn the skills required to identify, respond to and protect against threats in their network day to day, as well as to identify new threats through structured data aggregation and analysis. Hands-on labs built on real-world malware and network traffic reinforce course concepts while using the latest Suricata features. Come and see what you've been missing in your network and unlock the full potential of network security, detection, and response with Threat Hunting with Suricata.

What will be covered? Here's a sample:

  • Identify key strategies for network security architecture and visibility

  • Learn the fundamentals of rule-writing and rule comprehension

  • Understand how to manage rule sources and create effective rulesets

  • Develop methods for establishing network baselines

  • Recognize traffic anomalies

  • Use Suricata to capture network traffic and replay PCAPs

  • Utilize log aggregation and shipping services to build a complete picture

  • Perform traffic analysis and create visualizations with Kibana

  • Develop a custom network sensor with Suricata and ELK

  • Analyze suspicious traffic to determine maliciousness

  • Learn how to pivot off of key attack indicators using threat intelligence

  • Analyze true positive and false positive alerts

  • Leverage rules written specifically for threat hunting

  • Deploy honey tokens

Prerequisites for the class:

  • Being able to import and run a VM (2 CPUs / 6 GB RAM) on your laptop

  • Basic understanding of IDS/IPS/NSM principles

  • Basic networking and TCP/IP

  • Familiarity with the Linux command line

Who should attend:

Security Administrators
Enterprise Defenders
Incident Responders
Security Operations Specialists
Security Analysts
Malware Analysts
Network Engineers




Net proceeds from this and all of OISF's training events go directly to funding Suricata's development and OISF's mission to support open source security technologies. OISF is a 501(c)(3) U.S. non-profit. For questions about this event or about becoming a member of the OISF community, please contact us at info@oisf.net.
