Security Onion 4-Day Training Class Augusta GA September 2017

Security Onion Solutions LLC

Monday, September 11, 2017 at 8:00 AM - Thursday, September 14, 2017 at 5:00 PM (EDT)

Registration Information

Registration Type: Security Onion 4-Day Training Class
Sales End: Sep 4, 2017
Price: $2,999.00
Fee: $0.00

Event Details

About Security Onion

Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

For more about Security Onion, please see:

About the Course

"I started Security Onion in 2008 to provide a comprehensive platform for intrusion detection, network security monitoring, and log management.  Today, Security Onion has over 350,000 downloads and is being used by organizations around the world to help monitor and defend their networks.  This class is the culmination of 6 years of lessons learned while building Security Onion and best practices developed while deploying Security Onion to real networks and doing real incident response with it."

-- Doug Burks

What do previous students say about the class?

"I highly, HIGHLY recommend attending this class. I attended the class in Houston and it was excellent.

Doug is very knowledgeable and has an informal style of instruction that keeps the class interesting and encourages interaction with the students, and is not simply a 16 hour lecture.

I also met many interesting people and made some new contacts. All in all, if this class comes anywhere near me again ... I'll be going if I have to host a bake sale to get there."

"I appreciated the mixture of Doug's obvious significant real world experience, paired with his deep knowledge of security onion. I felt like the class not only helped me understand the tools but also helped me understand how I might best apply those tools."

"I liked the depth of each tool Doug covered each day in class. I enjoyed learning in an environment where you get to follow along with hands on, and get to ask questions about some of the things that will help you, individually, when you get back to your specific Security Onion implementation. I really appreciated the time Doug spent going thru real world investigations, where he presented his thought process and how each and every tool can be used to benefit us in our investigations."

"One of the best courses I have taken. Phil was extremely knowledgeable. I would recommend this class to other people."

What do students get?

  • 4 days of classroom instruction from the developers of Security Onion
  • over 200 pages of course material
  • Certificate of Completion
  • FREE Admission to Security Onion Conference 2017 on September 15

When is the class?

Monday, September 11, 2017 through Thursday, September 14, 2017

8:00 AM - 5:00 PM (Eastern) each day

Save September 15 for Security Onion Conference and September 16 for BSidesAugusta!

Students in this course receive FREE admission to Security Onion Conference 2017!

Where is the class being held?

The class will be held at the DoubleTree by Hilton Augusta, 2651 Perimeter Pkwy Augusta, GA 30909

Is there a hotel discount?

The DoubleTree by Hilton Hotel Augusta is offering a special rate for the Security Onion training, Security Onion Conference, and BSidesAugusta 2017 attendees, September 10 - 17. To book the hotel at the special rate, click here. Alternatively, you can find the hotel's website via your favorite search engine and use Group Code BSD when booking. The code expires August 20, 2017. 

What is the registration deadline?

Registration closes Monday, September 4, at 11:59 PM Eastern.

What hardware will be required for the class?

Students will need a laptop that is capable of running a 64-bit VM with at least 3GB RAM allocated to the VM (4GB RAM or more for the VM is highly recommended).  

PLEASE NOTE: Just because your laptop has a 64-bit processor does NOT necessarily mean that you can run 64-bit VMs. Your 64-bit processor must support virtualization and virtualization must be enabled in the BIOS.

VMware Workstation/Fusion is HIGHLY recommended.

What do students need to do prior to class?

Students should ensure that their laptop is fully capable of running a 64-bit VM by downloading the Security Onion ISO image and verifying that it runs AND installs in their VM. Please see our Installation guide:

Which version of Security Onion will we be using?

We'll be using the latest release of the Security Onion ISO as of August 15, 2017.

The latest release can be found here:

What do students need to bring to class?

Students need to bring the following:

  • Eventbrite ticket for this event
  • Laptop as described above
  • Latest Security Onion ISO image (currently

What skills/knowledge should students have before attending this course?

Students should have a basic understanding of networks, TCP/IP, and standard protocols such as DNS, HTTP, etc.  Some Linux knowledge/experience is recommended, but not required.

What's the cancellation policy?

Security Onion Solutions reserves the right to cancel this class up to one day after registration closes if the class does not meet a minimum number of students. If the class is cancelled, the training ticket cost will be refunded.

What's the refund policy?

You may log into your Eventbrite account and request a refund up until the last day of ticket sales.  Please use the "Request a Refund" button as shown here: 

Are there discounts available?

We offer discounts to active duty military, as well as members of ISSA and Infragard. Contact us for more information.

What topics are covered in this class?

- Network Security Monitoring (NSM) methodology

- Security Onion Installation

- Configuration
  - Setup Phase 1 - Network configuration
  - Setup Phase 2 - Service configuration
  - Evaluation Mode vs Production Mode
  - Verifying services

- Analyzing Alerts
  - Replaying traffic
  - 3 primary interfaces:
  - Pivoting between interfaces
  - Pivoting to full packet capture

- Hunting
  - Using ELSA to slice and dice logs

- Bro
  - Bro Programming Language
  - Bro Logs
  - Bro Scripts
  - ShellShock Detector Module
  - Bro Intel Framework

- Production Deployment
  - Advanced Setup
  - Master vs sensor
  - Architectural recommendations
  - Sensor placement

- Tuning
  - Using PulledPork to disable rules
  - BPFs to filter traffic
  - Spinning up additional Snort/Suricata/Bro workers to handle higher traffic loads

- Case Studies
  - 1-2 Case Studies on Day 1
  - 1-2 Case Studies on Day 2
  - Two (2) Case Studies on Day 3
  - Final Case Study on Day 4

- Wrapup/Q&A

Security Onion Solutions LLC

Security Onion Solutions helps you peel back the layers of your network.
