This material has been designed to be taught in a classroom environment.
The material is missing some of the contextual concepts and ideas that will be covered in class.
This is 3 x ( .5 + 3 + .5 ) days of material for any intermediate-level dev-ops who has some experience with other security|monitoring tools and wants to learn Suricata, Bro and Moloch. We believe these classes are perfect for anyone who wants a jump start in learning Suricata, Bro and Moloch or who wants a more thorough understanding of the three and their internals.
TODO ....
Please visit:
Historical material:
- vagrant multi-machine: Moloch, Bro,Suricata,ElasticSearch,Kibana
- Getting started with Network Forensics
| . | Suricata | Bro | Moloch |
|---|---|---|---|
| day 0 :: intro | * | * | * |
| day 1 :: single box | * | * | * |
| day 2 :: cluster | * | * | * |
| day 3 :: advanced | * | * | * |
| day +1 :: wrapup | * | * | * |
- Suricata :: Rule-based Threat Detection Course
- Bro :: Semantic Network Security Monitoring Course
- Moloch :: Large-Scale Packet Capture Analysis Course