Modern security monitoring applications generate a considerable amount of data, making it essential for the analyst to be able to quickly pivot between different data sets. In this webinar, Correlating Host & Network Data w/ Community ID in Sec Onion Hybrid Hunter, we will show you how to use Community ID to quickly correlate events from the network to your hosts. Utilizing the next major version of Security Onion, code-named Hybrid Hunter, you will learn how Community ID can be used to correlate network flows from tools such as Suricata and Zeek with host-based events from osquery. This will allow you to more effectively pivot between your network and host data. By the end of this webinar you’ll have the insight needed to leverage Community ID to perform more effective analysis of your security logs.
This is a free webinar but seats are limited. To sign-up, go to:
In February 2020, Let’s Encrypt announced that they had issued a billion certificates. This is a sign of how encryption for network traffic has continued to gain adoption among regular individuals as well as among malicious actors. Decryption of this traffic may look at first as the solution to recover the lost visibility but it is not always an option because of privacy consideration or even technical reason. In this webinar, we’ll discuss several approaches to analyze encrypted network traffic with Suricata. We will look at Suricata’s JA3/JA3S support, TLS/SSL and newest protocol anomaly detection capabilities. By the end of this webinar you’ll have the insight needed to leverage Suricata to perform more effective analysis of encrypted network traffic.
This is a free webinar but seats are limited. To sign-up, go to https://www.eventbrite.com/e/webinar-hunting-threats-that-use-encrypted-network-traffic-with-suricata-tickets-102612647190
The Cuckoo Sandbox has become one of the most popular open-source frameworks for the automation of malware analysis. One of the many benefits of Cuckoo is the ability to expand its capabilities through additional services and tools, such as Suricata. In this webinar, we will walk you through how to get Suricata up and running in a Cuckoo sandbox to get better network traffic analysis. This webinar will begin from a base installation of Cuckoo and show you how to install Suricata, configure Cuckoo to utilize Suricata as a post-processing module and how to update your initial rule set. We will also explore more advanced Suricata setup options to help with performance such as interacting through a unix socket. By the end of this workshop you will be able leverage Suricata’s IDS alerts to help with your malware analysis workflow.
This is a free webinar but seats are limited. To sign-up, go to https://zoom.us/meeting/register/v5UtceihrzosujnYxCGEhLRCbNdofG2nzQ
Presented by: Josh Stroschein