Suricata, the world’s leading IDS/IPS engine, provides the most versatile network security tool available today. Developed and maintained by a core team of developers and an open source community, Suricata is the “Swiss Army Knife” for network security monitoring. This training will demonstrate the latest in Suricata’s dynamic capabilities including:
- Introduction to the newest version of Suricata
- Suricata as a passive DNS probe
- Suricata as an SSL monitor
- Suricata as a malware detection probe
- Suricata as a flow probe
- And some exciting new features…
At the completion of this training, attendees will gain a greater understanding of Suricata’s versatility and power. They will also have the unique opportunity to discuss any questions directly with members of the Suricata development team.
COURSE MATERIALS: To help facilitate, we've created a training VM for use during the workshop. You can download this VM at the following URL:
URL: https://www.openinfosecfoundation.org/training/flocon2019/
User: SuricataFloCon
PW: BLAdqEcyy2bl0OAUJZVv
Please take the time to download the VM before the workshop and run it on the machine you plan to bring to training. This way, if you have any problems loading the VM, etc., we can hopefully troubleshoot it before the workshop so we can spend more time on the material! We will provide the username/password to log in at the beginning of the workshop.
Please bring with you:
- a laptop with virtualization software installed, such as VirtualBox or VMware, and tested to be working. We'll be using a 64-bit VM image.
- 2 vCPUs and 6GB RAM will be optimal for the VM.
- Ideally, you have root/admin rights on your laptop as well as access to your system BIOS. While this is not strictly necessary, experience shows that it's helpful when trying to resolve VM issues, networking issues, etc.
Sincerely,
Suricata Training Team