Below are registration links and descriptions for all upcoming webcasts.
Finding Bad Things on Your Network Using Free and Open-Source Tools
Thursday, February 23, 2017
Want to get started on a Hunt Team and discover the “bad things” on your network?
In this webcast, we will walk through the installation and usage of Real Intelligence Threat Analytics (RITA). RITA is an open-source framework from the folks at Black Hills Information Security and Offensive CounterMeasures. RITA ingests Bro logs and look for malicious payload beaconing and scanning behavior, in addition to seeing which systems in your environment are talking with known bad IP addresses and domains. In less than an hour, you will learn how to collect and analyze network traffic for hunt teaming analysis.
We will also provide some sample Bro logs for you to play with and give RITA a test drive. Want to use your own Bro logs? Great! Just make sure your logs come from an egress pre-NAT point where we can see the internal RFC 1918 IP addresses talking to external IP addresses.
We’ll cover the different types of math used on our analysis including: - Connection intervals - Data sizes - Connection times
As a bonus, our sponsor LogRhythm will be showing off a completely free network monitoring tool called Network Monitor Freemium, a free tool for network monitoring, application detection, and detecting suspicious network activity (including lateral movement)!
Register for this webcast now!