In “Practical Network Signature Development for Open Source IDS” we will teach expert methods and techniques for writing network signatures to efficiently detect the greatest threats facing organizations today. Students will gain invaluable information and knowledge including the configuration, usage, architecture, traffic analysis fundamentals, signature writing, and testing of a modern network IDS, such as Suricata and Snort. Student will be given handouts to help them develop and read with IDS signatures. Lab exercises will train students how to analyze and interpret hostile network traffic into agile IDS rules for detecting threats, including but not limited to: Exploit Kits, Ransomware, Phishing Attacks, Crimeware Backdoors, Targeted Threats, and more. Students will leave the class armed with the knowledge of how to write quality IDS signatures for their environment, enhancing their organization’s ability to respond and detect threats.
Jack is a Security Researcher on the Emerging Threats Research team at Proofpoint where he spends all day long in packet-land playing with malware and writing comprehensive IDS rules for the ETPRO and OPEN ruleset. In addition to IDS sigs, writes sigs for ClamAV and Yara to hunt... Read More →
It's time that we became uber-efficient with our interactive policy mobility. This is no time to bite the bullet with our interactive reciprocal programming. At base level, this just comes down to knowledge-based management options. I can make a window to discuss your holistic... Read More →
