SEC503: Intrusion Detection In-Depth

A session at SOS: October Singapore 2012

  • Mike Poor

Learn practical hands-on intrusion detection and traffic analysis from top practitioners/authors in the field. This challenging track methodically progresses from understanding the theory of TCP/IP, examining packets, using Snort to analyze traffic, becoming familiar with the tools and techniques for traffic and intrusion analysis, to reinforcing what you've learned with a hands-on challenge of investigating an incident. Students should be able to "hit the ground running" once they return to a live environment where traffic analysis is required.

This is a fast-paced course, and students are expected to have a basic working knowledge of TCP/IP in order to fully understand the topics that will be discussed. Although others may benefit from this course, it is most appropriate for students who are or who will become intrusion detection/prevention analysts. Students generally range from novices with some TCP/IP background all the way to seasoned analysts. The challenging hands-on exercises are specially designed to be valuable for all experience levels. We strongly recommend that you spend some time getting familiar with tcpdump before coming to class.

About the speaker

Mike Poor

When

Date Mon 8th October 2012

Short URL

lanyrd.com/symty

Official event site

www.sans.org/info/95834
