Virtual ZeekWeek 2020 is free to attend, but registration is required. 
Wednesday, October 14 • 1:20pm - 1:40pm
Day 2 - Going Beyond Alerts - Maximizing Network Defense with Suricata 6.0 (LIMITED)



Limited capacity: seats available

You MUST register through eventbrite to gain access to this session (Day 2).

Securing a network often begins with the ability to generate alerts when malicious or non-standard network traffic is observed. This is routinely accomplished through intrusion detection and prevention systems (IDPS) such as Suricata, as well as other open-source tools. Unfortunately, an alert only provides a narrow view into a possible incident. The data surrounding an alert also needs to be available so that an analyst can build context for what happened before and after it. In this talk, we'll introduce the latest features available in the newly released Suricata 6.0 and discuss how protocol-specific logs, full-packet capture and other features of Suricata and Zeek can be used to build a more comprehensive view of an organization's network. This context allows an organization to understand the threats it faces and gives it the ability to respond to incidents more quickly and accurately.


Slack Channel for this session -
Haven't joined the Zeek Slack space yet? You can do so at:
https://join.slack.com/t/zeekorg/shared_invite/zt-cgz9wa7p-BXihgVtZlmnRfHZXmUltZQ

Link to Session Survey - https://forms.gle/aFCTXniakuJGi7YN9


Wednesday October 14, 2020 1:20pm - 1:40pm PDT
Online - Zoom Meeting Room