This event has ended.


Security Onion 4-Day Training Class Odenton MD 8/10 - 8/13

by Security Onion Solutions LLC


Date and time

Mon, Aug 10, 2015, 8:00 AM – Thu, Aug 13, 2015, 5:00 PM EDT

Location

Odenton, MD 21113


Description

About Security Onion

Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, Sguil, Squert, Snorby, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!

For more about Security Onion, please see:
http://securityonion.net/


About the Course and Instructor

"I started Security Onion in 2008 to provide a comprehensive platform for intrusion detection, network security monitoring, and log management. Today, Security Onion has over 100,000 downloads and is being used by organizations around the world to help monitor and defend their networks. This class is the culmination of 6 years of lessons learned while building Security Onion and best practices developed while deploying Security Onion to real networks and doing real incident response with it."

-- Doug Burks

For more about Doug Burks, please see:
http://www.linkedin.com/pub/doug-burks/1b/a2b/858


What do previous students say about the class?

"I highly, HIGHLY recommend attending this class. I attended the class in Houston and it was excellent.

Doug is very knowledgeable and has an informal style of instruction that keeps the class interesting and encourages interaction with the students, and is not simply a 16 hour lecture.

I also met many interesting people and made some new contacts. All in all, if this class comes anywhere near me again ... I'll be going if I have to host a bake sale to get there."

"I appreciated the mixture of Doug's obvious significant real world experience, paired with his deep knowledge of security onion. I felt like the class not only helped me understand the tools but also helped me understand how I might best apply those tools."

"I liked the depth of each tool Doug covered each day in class. I enjoyed learning in an environment where you get to follow along with hands on, and get to ask questions about some of the things that will help you, individually, when you get back to your specific Security Onion implementation. I really appreciated the time Doug spent going thru real world investigations, where he presented his thought process and how each and every tool can be used to benefit us in our investigations."


What do students get?

  • 4 days of classroom instruction from the lead developer of Security Onion
  • over 100 pages of course material
  • Certificate of Completion


When is the class?

Monday, August 10, 2015 through Thursday, August 13, 2015

8:00 AM - 5:00 PM (Eastern) each day


Where is the class being held?

Odenton MD. Students will receive further details upon registration.


What is the registration deadline?

The last day to register for class is Wednesday, August 5.


What hardware will be required for the class?
Students will need a laptop that is capable of running a 64-bit VM with at least 3GB RAM allocated to the VM (4GB RAM or more for the VM is highly recommended).

PLEASE NOTE! Just because your laptop has a 64-bit processor does NOT necessarily mean that you can run 64-bit VMs. Your 64-bit processor must support virtualization and virtualization must be enabled in the BIOS.

VMware Workstation/Fusion is highly recommended.

What do students need to do prior to class?
Students should ensure that their laptop is fully capable of running a 64-bit VM by downloading the Security Onion ISO image and verifying that it runs AND installs in their VM. Please see our Installation guide:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Installation


Which version of Security Onion will we be using?
We'll be using the new Security Onion 12.04.5.2 ISO image that was released on 7/6:
http://blog.securityonion.net/2015/07/security-onion-120452-iso-image-now.html


What do students need to bring to class?
Students need to bring the following:

  • this Eventbrite ticket
  • laptop as described above
  • Security Onion 12.04.5.2 ISO image


What skills/knowledge should students have before attending this course?

Students should have a basic understanding of networks, TCP/IP, and standard protocols such as DNS, HTTP, etc. Some Linux knowledge/experience is recommended, but not required.

What's the refund policy?

You may log into your Eventbrite account and request a refund up until the last day of ticket sales. Please use the "Request a Refund" button as shown here:
http://www.eventbrite.com/t/how_to_request_refund


What topics are covered in this class?

- Network Security Monitoring (NSM) methodology

- Security Onion Installation

- Configuration
  • Setup Phase 1 - Network configuration
  • Setup Phase 2 - Service configuration
  • Quick Setup vs Advanced Setup
  • Verifying services

- Analyzing Alerts
  • Replaying traffic
  • 4 primary interfaces:
      • Snorby
      • Squert
      • Sguil
      • ELSA
  • Pivoting between interfaces
  • Pivoting to full packet capture

- Hunting
  • Using ELSA to slice and dice logs

- Bro
  • Introduction
  • Bro Programming Language
  • Bro-IDS
  • Bro Logs
  • Bro Scripts
  • ShellShock Detector Module
  • Bro Intel Framework

- Production Deployment
  • Advanced Setup
  • Master vs sensor
  • sosetup.conf
  • Architectural recommendations
  • Sensor placement
  • Hardening
  • Administration
  • Maintenance

- Tuning
  • Using PulledPork to disable rules
  • BPFs to filter traffic
  • Spinning up additional Snort/Suricata/Bro workers to handle higher traffic loads

- Case Studies
  • (2) Case Studies on Day 1
  • (2) Case Studies on Day 2
  • (2) Case Studies on Day 3
  • Final Case Study on Day 4

- Wrapup/Q&A
