Finding undetected threats in your network through proactive network analysis requires the right tools. Join us as Andy Wick, lead developer and creator of Arkime (formerly Moloch), and Elyse Rinne, Arkime software engineer and UI expert, provide an introduction to this robust, large-scale, open source, indexed packet capture and search tool. Arkime can also enrich session data with Suricata alerts, and we’ll explore how this integration works.
About Our Speakers
Andy Wick is a Distinguished Architect, the creator of Moloch (now named Arkime), and former Chief Architect of AIM. He joined Verizon Media’s security team, the Paranoids, in 2011. He has a passion for building large scalable tools and empowering users as well as the global open source community.
Elyse Rinne is the UI and full stack engineer for Arkime (formerly Moloch). She revamped the UI to be more user-friendly and maintainable. Now that the revamp has been completed, Elyse is working on implementing awesome new features to make Arkime the go-to open source tool for network security professionals!
This talk will explore the Suricata rule syntax and use interesting parts of network traffic to highlight how to create custom rules. We will also explore keywords, where to find resources and how to avoid false positives.
Speaker – Tatyana Shishkova
Tatyana is a Senior Malware Analyst specializing in reverse engineering (currently Android platform, previously Windows), threat intelligence and network intrusion detection (Suricata). She speaks at cybersecurity conferences, teaches newbies and conducts webinars. She has a Specialist’s degree in Applied Mathematics and Computer Science from Lomonosov Moscow State University.
Our March webinar is just around the corner! In this webinar, we’ll look into how modern threats utilize the network for a variety of activities and explore how the network continues to play a crucial role in the overall security monitoring of an organization. From delivering the malware to initially compromise an environment to bringing in additional tools and performing data exfiltration and command and control, all of this activity leaves traces over the network. We’ll explore how Suricata can go beyond generating alerts to show how you can use capabilities such as file identification and protocol parsing to gain the visibility to solve incidents quickly and more accurately by enabling context before, during, and after an event.
Peter Manev – Peter Manev is the co-founder and Chief Strategy Officer (CSO) of Stamus Networks, a growing network security company. He is also a member of the executive team at Open Network Security Foundation (OISF). Peter has over 15 years of experience in the IT industry, including enterprise-level IT security practice. He is a passionate user, developer and explorer of innovative open source security software, and is responsible for training as well as quality assurance and testing on the development team of Suricata – the open source threat detection engine. Peter is a regular speaker and educator on open source security, threat hunting, and network security.
Josh Stroschein – Josh is an experienced malware analyst and reverse engineer and has a passion for sharing his knowledge with others. He is the Director of Training for OISF, where he leads all training activity for the foundation and is also responsible for academic outreach and developing research initiatives. Josh is an accomplished trainer, providing training in the aforementioned subject areas at BlackHat, DerbyCon, Toorcon, Hack-In-The-Box, Suricon, and other public and private venues. Josh is an Assistant Professor of Cyber Security at Dakota State University where he teaches malware analysis and reverse engineering, an author on Pluralsight, and a threat researcher for Bromium/HP.
Women of Suricata bring you yet another webinar focused on helping new people willing to contribute to Suricata. For this webinar, our two Outreachy interns will share their experience, some tips, tricks and magic dust to help you get started with development. Contributing to a big project like Suricata can be very intimidating, especially when it's open source and all your contributions are public for everyone to scrutinize. Our speakers stood in the same place and paved their way forward with baby steps, learning and growing a lot throughout the process.
Topics you can expect:
- How to start contributing
- How to make the best use of existing helper scripts/functions
- Testing your work
- Things to take care of when creating your first PR
- How to apply to intern with us through the Outreachy programme
- Expectations from an intern
- Challenges and overcoming them
Juliana Fajardini – OISF intern with Suricata. Bachelor’s degree in Information Systems, with a constant passion for learning, sharing and fostering communities, and a growing interest in Rust.
Tharushi Jayasekara – Outreachy intern at OISF. Final year Computer Science undergraduate at University of Colombo, passionate about algorithms, InfoSec and creating a diverse and inclusive community in the world of tech.
The target audience for this webinar is beginners. If you are interested in the above-mentioned topics, do sign up!
Hope to see you! 🙂
OPNsense is an open source, easy-to-use and easy-to-build HardenedBSD-based firewall and routing platform. It brings the rich feature set of commercial offerings with the benefits of open and verifiable sources. The inline IPS system of OPNsense is based on Suricata and utilizes Netmap to enhance performance and minimize CPU utilization. This deep packet inspection system is very powerful and can be used to mitigate security threats at wire speed. This webinar will take you through basic OPNsense setup before getting into Suricata installation and configuration. You will learn about different modes of operation, IDS versus IPS, and how to utilize the ET Pro Telemetry ruleset. By the end of this webinar you will be ready to run the latest version of Suricata in OPNsense to maximize visibility into your networks!
This is a free webinar but seats are limited. Please join us on 10/15/2020 by registering at: https://www.eventbrite.com/e/webinar-opnsense-and-suricata-a-great-combination-lets-get-started-tickets-117996028297?ref=estw