Hunting Malware with Suricata Metadata - Security Onion Conference 2021

Explore advanced threat hunting techniques using Suricata metadata in this comprehensive conference talk from the Security Onion Conference 2021. Learn how to effectively close the gap between malware infection and detection through structured data aggregation and analysis. Discover the key functional aspects of Suricata and its extensive data generation capabilities, including protocol-specific logs, TLS information, file identification, and extraction. Gain insights into analyzing network traffic from prevalent malware to develop robust threat hunting strategies. Master the use of tools like Arkime, Kibana, and CyberChef for detecting anomalous or malicious activity. Explore the integration of threat intelligence feeds and online resources to enhance proactive threat hunting activities. By the end of this 58-minute presentation, acquire the skills necessary to identify, respond to, and protect against threats in your network, as well as uncover new threats through advanced data analysis techniques.

Security Onion Conference 2021 - Hunting Malware with Suricata Metadata by Josh Stroschein