I’ve begun working on a new project, with a spiffy/catchy/snazzy name:
Threat Hunting: With Open Source Software, Suricata and Bro
I’ve planned out multiple chapters, from raw PCAP analysis, building up through session reassembly, into full-on network monitoring and hunting with Suricata and Elasticsearch.
This project will take a long time. While I work through it, I’ll be posting here regularly. I very much welcome feedback.
Here’s a little introduction video; more will come as I add them.
The next video will be looking at how data is transmitted over a network… anyone ready for a super brief OSI Network model overview?