SANS Network Security 2022: Bonus Session - Network Forensics & Incident Response with Open Source Tools

  • Wednesday, 07 Sep 2022 3:30PM EDT (07 Sep 2022 19:30 UTC)
  • Speaker: Ed Smith

Open source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities. The global communities behind these tools can also serve as a force multiplier for security teams, for example by accelerating their response times to zero-day exploits via community-driven detection engineering and intel sharing. This presentation will review popular open source technologies used in network DFIR and cover use cases, integrations, and open source design patterns.
Network Security 2022: Bonus Sessions - Wednesday