SANS Network Security 2022: Bonus Session - Network Forensics & Incident Response with Open Source Tools

Wednesday, 07 Sep 2022 3:30PM EDT (07 Sep 2022 19:30 UTC)
Speaker: Ed Smith

Open source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities and the global communities behind these tools can also serve as a force multiplier for security teams, such as accelerating their response times to zero-day exploits via community-driven detection engineering and intel sharing. This presentation will review popular open source technologies used in network DFIR and cover use cases, integrations, and open source design patterns.

Login to Register

Network Security 2022: Bonus Sessions - Wednesday

Sponsor

Related Content

Digital Forensics, Incident Response & Threat Hunting

September 4, 2023

Evolution of Cloud Tactics, Techniques, and Procedures

This blog post discussed techniques implemented across the kill chain, from initial access to lateral movement to impact.

Digital Forensics, Incident Response & Threat Hunting

September 3, 2023

Next Generation FOR508

The latest FOR508 update represents a major upgrade to the courseware with a complete replacement of every hands-on exercise in the course.

Blog_teaser_images_(19).png

Digital Forensics, Incident Response & Threat Hunting, Open-Source Intelligence (OSINT)

August 31, 2023

FOR589: Cybercrime Intelligence - NEW SANS DFIR Course coming in 2024

Learn to traverse the cyber underground, social engineer cybercriminals and investigate illicit cryptocurrency activity.