Join us for in-depth talks, exclusive networking, and world-class training at Security Awareness Summit Dec 1-4!


To attend this webcast, login to your SANS Account or create your Account.

Tech Tuesday Workshop - Collaborating at Scale; How to Contribute to and Profit from the SANS Internet Storm Center

  • Tuesday, June 23, 2020 at 1:00 PM EDT (2020-06-23 17:00:00 UTC)
  • Dr. Johannes Ullrich

You can now attend the webcast using your mobile device!



In this workshop, we will not only learn how to contribute to the Internet Storm Center's vast research data repository, but you will also learn how to take advantage of all the data we have to offer. The Internet Storm Center, and it's backend "engine" DShield collect firewall and honeypot logs for 20 years now. This large data repository has helped countless researchers. The data is turned around and offered in aggregate form in almost real time via our web site and easy to use APIs. We will demonstrate how to install the DShield honeypot, how to learn from the logs it collects and how these logs help the larger community and drive defenses based on real data. You will also learn how to use the data the Internet Storm Center offers to better understand your own logs and to identify who is attacking you and why.

System Requirements: You will need either a Raspberry Pi (3 and 4 will work. 2 will likely work as well. Wired internet connection preferred), or an Ubuntu Virtual Machine. You will need to be able to expose the system to the Internet (home internet connection is perfectly fine as long as your router has the ability to expose an IP address or offers a "DMZ" feature). A free-tier AWS cloud VM can work as well.

*Please note that this WILL NOT be recorded. Due to the nature of these workshops, many have a capacity limit and will not be made available for archive. To help us offer this opportunity to as many people as possible, we are asking that you please only register if you plan to attend live.

Speaker Bio

Dr. Johannes Ullrich

As chief research officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a Web development company and as a research physicist. Johannes holds a PhD in Physics from SUNY Albany and is located in Jacksonville, Florida. He also enjoys blogging about application security tips.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.