Loading…
FloCon 2018 has ended
Tucson, AZ – January 8-11, 2018

PLEASE NOTE THAT THE CURRENT SCHEDULE IS TENTATIVE. CHANGES TO THE SCHEDULE BELOW MAY OCCUR

Watch this space for details on the technical program for FloCon 2018. In the meantime, see the FloCon website at www.cert.org/flocon.
Back To Schedule
Monday, January 8 • 1:00pm - 4:30pm
Afternoon Track II: Threat Hunting w/Suricata LIMITED

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Limited Capacity seats available

In "Threat Hunting with Suricata" we will teach various methods and techniques to aid in detecting and hunting for popular threats facing organizations today. This workshop will focus on writing efficient IDS rules for hunting and detecting threats, as well as discussing strategies around leveraging Suricata alerts in this context.

Attendees will gain invaluable insight into the techniques behind creating long lasting efficient rules for Suricata IDS. Lab exercises will train attendees how to analyze and interpret hostile network traffic into agile IDS rules for detecting threats, including but not limited to: Exploit Kits, Ransomware, Phishing Attacks, Crimeware, Backdoors, Targeted Threats, and more. Attendees will leave the class armed with the knowledge of how to write quality Suricata IDS signatures for their environment, enhancing their organization’s ability to respond and detect threats.


Speakers
avatar for Jack Mott

Jack Mott

Security Researcher - Emerging Threats Research Team, OISF Core Team / Emerging Threats
Jack is a Security Researcher on the Emerging Threats Research team at Proofpoint where he spends all day long in packet-land playing with malware and writing comprehensive IDS rules for the ETPRO and OPEN ruleset. In addition to IDS sigs, writes sigs for ClamAV and Yara to hunt... Read More →
avatar for Jason Williams

Jason Williams

Security Researcher - Emerging Threats Research Team, OISF Core Team / Emerging Threats
Jason is a Security Researcher on the Emerging Threats Research team at Proofpoint where he flops around in a metaphorical ball pit of network packets all day and night. He works on the ETPRO and OPEN rulesets, having written thousands of signatures to help defenders protect their... Read More →


Monday January 8, 2018 1:00pm - 4:30pm MST
Coronado Ballroom I & II

Attendees (3)