Incident Response & Threat Hunting Using Bro/Zeek Data

BSides Huntsville | Incident Response & Threat Hunting Using Bro/Zeek Data | Alex Kirk
Course info
Level: Intermediate
Updated: Feb 29, 2020
Duration: 34m
Description

The open-source Zeek network security monitor provides valuable data for incident responders and threat hunters alike. This talk will discuss how to use that data to reduce the time needed to find attackers on your network, as well as ways that advanced users can use Zeek's scripting language to create powerful, flexible detection logic that goes beyond traditional point-in-time IDS signatures.

About the author

BSides Huntsville is for cybersecurity practitioners to engage with others to learn more about the industry.
