YoVDO

Finding Traffic Anomalies Using SSL Certificates

Offered By: Security Onion via YouTube

Tags

Security Onion Courses, Data Visualization Courses, Cybersecurity Courses, Python Courses, Network Analysis Courses, SSL Certificates Courses

Course Description

Overview

Explore innovative techniques for detecting traffic anomalies using SSL certificates in this 37-minute conference talk from the Security Onion Conference 2019. Delve into two distinct detection methods and learn how to enhance SSL logs with additional metadata. Follow along with a live demonstration of a Python script designed for this purpose. Discover the power of dashboards and visualizations in identifying anomalies, and gain insights into various tools and concepts such as J3 Description, PowerShell Bits, Metasploit, and traditional SSL logging. Understand the importance of country codes, UID, and intel sources in network analysis. Equip yourself with valuable knowledge to improve your security monitoring capabilities and detect potential threats more effectively.

Syllabus

Introduction
Two methods of detection
Adding metadata to SSL logs
Python script
Live demo
Exiting the viewer
Dashboard
Visualizations
J3 Description
J3 Unknown
PowerShell Bits
Metasploit
Source destination
Clientside hash
Traditional SSL log
System on Data
Bro Notice
Country Codes
UID
Intel
Source
Network analyst
Questions


Taught by

Security Onion
