Packets don’t lie – Threat Hunting with Zeek

Thumbnail for post.

One of the methods to identify, process and gain visibility into a network is Network Security Monitoring(NSM). Zeek is a passive network security monitor and is Open Source. In this webinar will use Zeek to analyse PCAPs and find badness.   

Course Outline

In this webinar, participants should be able to

Outline:
– Gain an understanding on the value of Zeek in the context of Network Security Monitoring(NSM)
– Analyse PCAPs using Zeek
– Get an overview of Zeek and Zeek logs 

Akira Kato

Thumbnail for post.

Akira Kato joined JUNET, UUCP based email network, in 1985, and one of the epoch members of WIDE Project, which is one of the first Internet Projects in Japan in 1987. He has been working for M-Root operation since 1997 when M-Root was moved to Tokyo. He also involved university campus network development and operation in Keio University, Shonan Fujisawa campus, as well as the University of Tokyo. He moved to Keio University Graduate school of Media Design in 2008.

Martin Pels

Thumbnail for post.

Martin is a Senior System Engineer at RIPE NCC. He is part of the team that operates the K-Root and RIPE NCC Authoritive DNS services, as well as the Routing Information Service (RIS). Martin is co-founder of NLNOG RING.

Lars-Johan Liman

Thumbnail for post.

Lars-Johan holds a Master of Science degree in Engineering Physics from the Royal Institute of Technology (KTH) in Stockholm, Sweden. His career started at the Network Operations Centre at the KTH where he contributed to the operation of the DNS servers, especially i.root-servers.net. Lars-Johan’s keen interest in the DNS soon made him responsible for the service, and when Netnod AB was formed as a spin-off from the university to take over the operation of infrastructure services (including I-root), he became its first employee. Lars-Johan remains in charge of the service, which nowadays encompasses 75+ service points around the globe. His involvement with the community has carried him to leading positions in committees within the IETF and ICANN, and he is involved wherever root-server operations is discussed.

Joshua Riesenweber

Thumbnail for post.

Joshua is an experienced Technical Director at Division 5, working with organisations across a range of industries, including critical infrastructure, health, defence, finance, energy, government, tertiary education, and more. He is passionate about the security community, business operations, technical leadership, and process improvement. He serves as a board member for non-profit organisations and helps enable business transformation through cyber security. He also serves on the CREST International Council – a non-profit organisation focused on raising professional standards and delivering measurable quality assurance for the global cyber security industry.

Aaron A. Glenn

Thumbnail for post.

Aaron A. Glenn has over 15 years focused on the NSP/CSP market segment in a variety of field, engineering, and management positions throughout the world. As Managing Director of Predicted Paths BV.