A day in the life doing incident response without Bro. And how it could be so much better.

  • Tuesday, 14 Nov 2017 1:00PM EST (14 Nov 2017 18:00 UTC)
  • Speakers: Matt Bromiley, Vincent Stoffer

As an incident responder or network security professional, you are no doubt familiar with Netflow, PCAP, Suricata and other tools that give you the information you need to investigate and respond to threats. But are you familiar with Bro and how it could completely change your approach to incident response and threat hunting?

In this SANS Expert webinar, Vincent Stoffer, Director of Customer Solutions at Corelight, will discuss his personal experiences when he was an incident responder at an organization that was not using Bro, and how his approach & results completely changed once he incorporated the power of Bro into his arsenal.