Change Location × Amsterdam

    Recent Locations

      Hunting with Suricata (Network Security Monitoring) @ SuriCon in Amsterdam

      • Hunting with Suricata (Network Security Monitoring) @ SuriCon Photo #1
      1 of 1
      October 28, 2019

      Monday   9:00 AM

      243 Damrak
      Amsterdam, Netherlands 1012

      • No Performers Listed
      Hunting with Suricata (Network Security Monitoring) @ SuriCon

      Suricata is a high-performance Network IDS, IPS and Network Security Monitoring engine sought after around the world. Open-source and managed by a community, Suricata is a part of the non-profit foundation; the Open Information Security Foundation (OISF). OISF’s mission is to remain on the leading edge of open source IDS/IPS development by welcoming in open source technologies looking for a community to support them. Suricata can show you things about your network you haven't seen before. More than just an IDS/IPS, Suricata can provide the visibility to solve incidents quickly and more accurately by enabling context before, during, and after an alert. In our 2-day training classes, we will teach the skills required by network security analysts and incident responders to protect and respond to threats in the network(s) day to day.  What to expect? Defending your network starts with understanding your traffic. More than just an IDS/IPS, Suricata can provide the visibility to solve incidents quickly and more accurately by enabling context before, during, and after an alert. In this brand-new course, attendees will learn the skills required to identify, respond and protect against threats in their network day to day as well as identify new threats through structured data aggregation and analysis. Hands-on labs consisting of real-world malware and network traffic will reinforce course concepts while utilizing the latest Suricata features. Come and see what you've been missing in your network and unlock the full potential of network security, detection, and response with Threat Hunting with Suricata.   What will be covered? Here's a sample: Identify key strategies for network security architecture and visibility Learn the fundamentals of rule-writing and rule comprehension Understand how to managing rule sources and create effective rulesets Develop methods for establishing network baselines Recognize traffic anomalies Use Suricata to capture network traffic and replay PCAPS Utilize log aggregation and shipping services to build a complete picture Perform traffic analysis and create visualizations with Kibana Develop a custom network sensor with Suricata and ELK Analyze suspicious traffic to determine maliciousness Learn how to pivot off of key attack indicators using threat intelligence Analyze true positive and false positive alerts Leveraging rules specifically for threat hunting Deploying honey tokens Prerequisites for the class: Being able to import and run a VM (2CPU / 6GB RAM) on your laptop Basic understanding of IDS/IPS/NSM principles Networking, TCP/IP Linux command line Who should attend:           Security Administrators          Enterprise Defenders          Incident Responders          Security Operations Specialists          Security Analysts          Malware Analysts          Network Engineers Net proceeds from this and all OISF's training events go directly to funding Suricata's development and OISF's mission to support open source security technologies. OISF is a 501c(3) U.S. non-profit.  For questions about this event or about becoming a member of the OISF community please contact us at 

      Categories: Other & Miscellaneous

      Event details may change at any time, always check with the event organizer when planning to attend this event or purchase tickets.