DeepSec 2019 Training: Analysing Intrusions with Suricata – Peter Manev & Eric Leblond

Sanna/ September 18, 2019/ Security, Training

Defending your network starts with understanding your traffic. More than just an IDS/IPS, Suricata can provide the visibility to solve incidents quickly and more accurately by enabling context before, during, and after an alert. In this course, attendees will learn the skills required to identify, respond and protect against threats in their network day to day as well as to identify new threats through structured data aggregation and analysis. Hands-on labs consisting of real-world malware and network traffic will reinforce the course’s concepts while utilizing the latest Suricata features. Come and see what you’ve been missing in your network and unlock the full potential of network security, detection, and response with Threat Hunting with Suricata at the DeepSec 2019 training. In this course, students will learn through a combination of lecture and approximately 15

Read More

Industrial Espionage and Data Tapping are commonplace in IT – DeepSec Conference provides Training for early Detection, Analysis and Mitigation

Sanna/ September 10, 2019/ Conference, Security

The excitement used to be great when organizations, parties, celebrities, companies, or government agencies reported intrusions into their own or outsourced digital infrastructure. Meanwhile, reports of data leaks and compromised systems are almost a part of the weather forecast. Security applications on smartphones or portals offer this information to allow the user to check if they might be affected too. The networked world of everyday life makes it seemingly possible to present attack and defence in the same breath. Affected, attackers, defenders and beneficiaries move closer together. But anyone who has this impression has fallen victim to the looming simplification. Modern information technology has to deal with dangerous situations every day that have far more facets. This requires a good deal of specialist knowledge and experience. First Responders, Analysis and Detection of Threats All

Read More

DeepSec 2018 Talk: Suricata and XDP, Performance with an S like Security – Eric Leblond

Sanna/ November 2, 2018/ Conference, Security

extended Berkeley Packet Filter (eBPF) and eXtreme Data Path (XDP) technologies are gaining in popularity in the tracing and performance community in Linux for eBPF and among the networking people for XDP. After an introduction to these technologies, this talk proposes to have a look at the usage of the eBPF and XDP technology in the domain of security. A special focus lies on Suricata that uses this technology to enhance its performance and by consequence on the accuracy of its network analysis and detection. We asked Eric a few more questions about his talk. Please tell us the top 5 facts about your talk. Packet loss really matters. A threat detection engine like Suricata is losing 10% of IDS alerts if it misses 3% of traffic. And there are 10% of incomplete file

Read More