
MOB Workshop - Getting Started with Suricata in the Classroom
This is a free virtual workshop offered to instructors working in an academic setting. A valid EDU email address must be verified before you will be able to join the workshop.

In today’s threat landscape, sophisticated adversaries have routinely demonstrated the ability to compromise enterprise networks and remain hidden for extended periods of time. Learning how to effectively monitor networks is a crucial skill for defending an organization and its users. In this workshop, you will learn how to get started with Suricata to begin teaching it in the classroom or utilizing it for research purposes. Suricata is a free and open source, mature, fast and robust network threat detection engine capable of real-time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline PCAP processing. Suricata inspects network traffic using a powerful and extensive rules and signature language, and has powerful Lua scripting support for detection of complex threats. With standard input and output formats like YAML and JSON, integrations with tools like existing SIEMs, Splunk, Logstash/Elasticsearch, Kibana, and other databases become effortless. You will be provided with a training virtual machine based on the SELKS distribution along with digital copies of all slides and labs/lab guides. By the end of this workshop you will be ready to include Suricata in your course content.

Workshop duration: 4 hours


To participate in this workshop, you will need a computer that has the following resources available:
- Be able to run a VM with at least 2 vCPUs and 8+ GB RAM
- VMware Player or the latest VirtualBox, VMware Workstation/Fusion
- Administrative rights
- No antivirus (AV), or the ability to temporarily disable it

You Will Be Provided With:
- Training VM
- Digital copy of all slides and labs/lab guides

Oct 8, 2020 12:00 PM in Central Time (US and Canada)
