
Arming Small Security Programs - Network Baseline Generation and Alerts

Offered By: YouTube


Course Description

Overview

Learn how to arm small security programs with network baseline generation and alerts in this 36-minute conference talk from BSidesCharm 2017. Explore the Bro network security monitor and discover techniques for application and network whitelisting. Dive into practical implementation using Python scripts and Bro scripts for event-driven monitoring. Understand how to generate baseline files, analyze SMB traffic, and leverage machine learning for enhanced security. Gain insights into use cases and port listing to strengthen your organization's network defenses.

Syllabus

Intro
Meet Bro
Why am I here
The problem
The idea
Writing it down
Heuristics
Application Whitelisting
Network Whitelisting
How can I do this
Bro
Connection ID
Python Scripts
Event-Driven Scripts
String Format
New Connection
Check Destination Port
If Statement
Bro Script
Logging
Parse
Scenario Network
Brophy
Install Brophy
Restart Brophy
Generate Baseline File
SMB Traffic
Recap
Use Cases
Port List
Machine Learning
End Date

