-------------------------
SURICATA IS A HIGH-PERFORMANCE NETWORK IDS, IPS AND NETWORK SECURITY
MONITORING ENGINE SOUGHT AFTER AROUND THE WORLD. OPEN-SOURCE AND
MANAGED BY A COMMUNITY, SURICATA IS PART OF THE NON-PROFIT
OPEN INFORMATION SECURITY FOUNDATION (OISF). OISF’S
MISSION IS TO REMAIN ON THE LEADING EDGE OF OPEN SOURCE IDS/IPS
DEVELOPMENT BY WELCOMING IN OPEN SOURCE TECHNOLOGIES LOOKING FOR A
COMMUNITY TO SUPPORT THEM.
SURICATA CAN SHOW YOU THINGS ABOUT YOUR NETWORK YOU HAVEN'T SEEN
BEFORE. MORE THAN JUST AN IDS/IPS, SURICATA CAN PROVIDE THE VISIBILITY
TO SOLVE INCIDENTS QUICKLY AND MORE ACCURATELY BY ENABLING CONTEXT
BEFORE, DURING, AND AFTER AN ALERT. IN OUR 2-DAY TRAINING CLASSES, WE
WILL TEACH THE SKILLS REQUIRED BY NETWORK SECURITY ANALYSTS AND
INCIDENT RESPONDERS TO PROTECT AGAINST AND RESPOND TO THREATS IN THE
NETWORK(S) DAY TO DAY.
WHAT TO EXPECT?
In Practical Signature Development for Suricata we will teach expert
methods and techniques for writing network signatures to efficiently
detect the greatest and most common threats facing organizations
today. Attendees will gain invaluable information and knowledge
including the configuration, usage, architecture, traffic analysis
fundamentals, signature writing, and testing of Suricata. Attendees
will be given materials to help them understand and develop their own
network signatures. Updated lab exercises featuring current threats
will train students to analyze hostile network traffic and translate
it into agile rules for detecting threats, including but not
limited to: Exploit Kits, Ransomware, Cryptocurrency Miners, Phishing
Attacks, Malicious Documents, Crimeware Backdoors, and Targeted
Threats. Students will leave the class armed with the knowledge of how
to write quality signatures for their environment, enhancing their
organization’s ability to detect and respond to threats. The class is
very hands-on with a robust workbook featuring exercise
walkthroughs/explanations and a physical copy of the material
presented. The class exercises feature paths both for those who are brand
new to writing signatures and for signature experts who dream in PCRE. The
class has been updated for the latest Suricata functionality such as
the SMB2/3 protocol, whitespace transforms, and new detection
buffers.
WHAT WILL BE COVERED? HERE'S A SAMPLE:
* Network and Malware Analysis Fundamentals
* IDS Engine and Rule Writing Fundamentals
* Writing Signatures for DNS, HTTP, SSL/TOR
* Advanced Rule Features
* Detecting Phishing Communications, Ransomware Communications,
  Malicious Documents, Exploit Kit Activity, Targeted Threats
PREREQUISITES FOR THE CLASS:
* Being able to import and run a VM (2 CPU / 6 GB RAM) on your laptop
* Basic understanding of IDS/IPS/NSM principles
* Networking, TCP/IP
* Linux command line
WHO SHOULD ATTEND:
Security Administrators
Enterprise Defenders
Incident Responders
Security Operations Specialists
Security Analysts
Malware Analysts
Network Engineers
-------------------------
_Net proceeds from this and all OISF's training events go directly to
funding Suricata's development and OISF's mission to support open
source security technologies. OISF is a 501(c)(3) U.S. non-profit._

_For questions about this event or about becoming a member of the
OISF community please contact us at info@oisf.net._
21/08/2019 Last update