Home » CANARIE Network » Cybersecurity Initiatives » Joint Security Project: Funding Information » Joint Security Project Workshop » Program

Program

Monday, June 19, 2017
6:00 – 8:00 PM Evening Reception

 

Tuesday, June 20, 2017
8:00 – 9:00 AM Breakfast & Welcome
9:00 – 10:00 AM Introduction to Bro
Representative, National Centre for Supercomputing Applications (NCSA)

  • What is Bro?
  • What is a Bro Log?
  • Incident Response with Bro (Capability overview, “stories from the trenches”, etc.)
10:00 – 10:30 AM Break
10:30 – 12:00 PM Deploying Bro

  • Bro Quickstart (What’s a Bro cluster? Load-balancing, log export, etc.)
  • Hardware Selection
  • Basic Configuration (How do I get useful data out, customized to my networks?)
12:00 – 1:00 PM Lunch
1:00 – 2:15 PM Deploying Bro Continues 

  • broctl
  • Common Pitfalls
  • bropkg
  • Customizing the Notice Policy
2:15 – 2:30 PM Break
2:30 – 4:00 PM Network Protocol

  • Conn log
  • DNS log
  • SSL/SSH (Dealing with encrypted traffic)
  • Other logs
4:00 – 4:15 PM Break
4:15 – 5:00 PM Integrations

  • Intel Framework
  • Dumbno (Dealing with large flows)
  • Black-holing