
Participants will be able to:
• Understand the structure of digital medical environments
• Detect and respond to simulated cybersecurity threats
• Collaborate effectively during incidents
• Evaluate the impact of security decisions in a realistic setting
Trainer
Christos Lazaridis, Focal Point
Session Details
- Session Title: Configuring and exploring Suricata logs through pfSense
- Session Description: Throughout this session, a proper deployment and configuration of IDS solutions will be showcased for the attendees.
- Key Learning Objectives:
• Understanding how intrusion detection systems work
• Network placement
• Logging configuration
• Suricata rule structure
• Exploring IDS logs through SIEM technologies
Lab Details
- Lab Title: Exploring Suricata Logs through Azure Data Explorer
- Lab Description: Students will be given access to an Azure Data Explorer instance containing Suricata logs captured during an ongoing attack on the underlying monitored infrastructure. The instructor will walk through the detections together with the students throughout the lab.
- Key Learning Objectives: Students will experience firsthand how KQL querying in Sentinel can leverage IDS datasets to perform efficient detections.
- Tools/Software Required: Web browser