Suricata Advanced Deployment and Architecture Training - Denver, CO

Suricata is a high-performance Network IDS, IPS and Network Security Monitoring engine sought after around the world. Open-source and managed by a community, Suricata is a part of the non-profit foundation; the Open Information Security Foundation (OISF). OISF’s mission is to remain on the leading edge of open source IDS/IPS development by welcoming in open source technologies looking for a community to support them.

Suricata can show you things about your network you haven't seen before. More than just an IDS/IPS, Suricata can provide the visibility to solve incidents quickly and more accurately by enabling context before, during, and after an alert. In our 2-day training classes, we will teach the skills required by network security analysts and incident responders to protect and respond to threats in the network(s) day to day. 

What to expect? 

Our NEWEST Suricata training - Suricata Advanced Deployment and Architecture class offers a hands-on experience that will lead experienced Suricata users and developers from the efficient and fast set-up of correct operations to successful threat hunting examples in massive traffic jams with Suricata. This class is perfect for those who want to take their skills and knowledge to a new level - including live and active examples of configurations and setup deployments in 40+Gbps Threat Hunting deployments. Security professionals will actively experience all that Suricata has to offer and walk away with greater proficiency in Suricata’s core technology. Time is built into the class, so attendees have the unique opportunity to bring questions, challenges, and new ideas directly to Suricata’s developers.

What will be covered? Here's a sample:

• Advance Performance Factors

• Advance Tuning Techniques

• Rules, Rulesets, and Optimization

• Event / Data Outputs

• What do I do with 20+ mil events a day?

• Troubleshooting Common Problems

• Successful Threat Hunting techniques in heavy traffic jams

• Lua scripting

• Steganography Detection

• Anomaly detection

• File Extraction

• Automatic Protocol detection

• Pcap processing

• Enterprise Architecture

• IDS / IPS / IDPS / NSM deployment and set up

• Server HW / NIC/ CPU architecture and selection process

• Virtual deployment considerations/tips and tricks

• Capture Methods and Specifics

• Capture Hardware

• Integration with Other applications

Prerequisites for the class:

• Being able to import and run a VM (2CPU / 6GB RAM) on your laptop

• Basic understanding of IDS/IPS/NSM principles

• Networking, TCP/IP

• Linux command line

Who should attend:

Infra Security and Application Operations | Network Security Administrators | Security Architects/Engineers | Security Analysts | Malware Analysts | Network Engineers

Net proceeds from this and all OISF's training events go directly to funding Suricata's development and OISF's mission to support open source security technologies. OISF is a 501c(3) U.S. non-profit.  For questions about this event or about becoming a member of the OISF community please contact us at info@oisf.net.