Hi folks,
Here is your weekly Suricata and SELKS tips and tricks email. Each week we'll feature a blog article or PDF document with something we hope you'll find useful.
We have another archived webinar to share with you today.
Moderated by one of the founding fathers of Suricata, Matt Jonkman, this “Detect to Protect” webinar archive features a panel discussion with the developers of seven Suricata-related open-source tools.
It was truly a “must attend” event for security analysts, threat hunters, researchers, and any cyber defender who uses the Suricata open-source network security engine in their tech stack.
In this webinar, the developer-panelists introduced attendees to seven modern open-source tools:
SELKS - turnkey Suricata-based open-source intrusion detection system (IDS), network security monitor (NSM) and threat hunting system.
Suricata Language Server - a tool that adds syntax checking, performance guidance, and auto-completion to popular text editors for Suricata signature developers.
Lateral movement ruleset - free Suricata ruleset specifically focused on detecting lateral movement in Microsoft Windows environments.
Jupyter playbooks - powerful threat hunting resource that anyone can access and use as a reference for analyzing Suricata EVE logs.
GopherCAP - an innovative PCAP manipulation application that provides accurate playback of extra-large PCAP files directly from tar archives.
Splunk App by Stamus Networks - free and open-source Splunk app for investigating and hunting in the IDS alert data and the protocol transaction logs generated by Suricata sensors.
Security Analyst’s Guide to Suricata - the world's first practical guide for unlocking the full potential of Suricata.
Check it out: https://www.stamus-networks.com/hubfs/SN-Webinar-Suricata-Open-Source-Tools-sm.mp4
Let us know what you think.
Cheers!
Mark