Netflow analysis, NIDS components (log analysis, blackhole routing, honeypots, DNS), developing SNORT signatures and YARA patterns, other Network and endpoint countermeasures, cloud security broker.

Attendees will have the opportunity to analyze a compromised windows system with nfdump and netflow analysis.

• Incident Response Readiness & Threat Hunting Basics – Background
• Data Source Overview
• Threat hunting Frameworks
• Threat Hunting types
• Integrating Threat Hunting
• Important Tools