FloCon 2022 has ended
Back To Schedule
Wednesday, January 12 • 1:30pm - 4:00pm
Track III: Intrusion Analysis and Threat Hunting with Open Source Tools (Day 2) LIMITED

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Limited Capacity seats available

In today’s threat landscape, sophisticated adversaries have routinely demonstrated the ability to compromise enterprise networks and remain hidden for extended periods of time. In Intrusion Analysis and Threat Hunting with Open Source Tools, you will learn how to dig deep into network traffic to identify key evidence that a compromise has occurred, learn how to deal with new forms of attack, and develop the skills necessary to proactively search for evidence of new breaches. We will explore key phases of adversary tactics and techniques - from delivery mechanisms to post-infection traffic - to get hands-on analysis experience. Open-source tools such as Suricata and Moloch will be utilized to generate data, perform exhaustive traffic analysis, and develop comprehensive threat hunting strategies. By the end of this workshop, you will have the knowledge and skills necessary to discover new threats in your network.

To help you prepare for this workshop, we recommend that you are familiar with the basics of network security monitoring, IDS/IPS systems and Linux environments. Familiarization with IDS rules is recommended, but not required. We also recommend the following readings:

avatar for Peter Manev

Peter Manev

QA / Training lead, Open Information Security Foundation - OISF
Peter has been involved with Suricata IDS/IPS/NSM from its very early days in 2009 as QA and training lead.  He is currently a Suricata executive council member. Peter has 15 years of experience in the IT industry, including as an enterprise-level IT security practitioner.SELKS maintainer... Read More →
avatar for Josh Stroschein

Josh Stroschein

Director of Training, Open Information Security Foundation - OISF
Josh is a subject matter expert in malware analysis, reverse engineering and software exploitation. He is the Director of Training for the Open Information Security Foundation (OISF), where he leads all training activity for the foundation and is also responsible for academic outreach... Read More →

Wednesday January 12, 2022 1:30pm - 4:00pm EST