Bro Crash Course presented at bsidesdc 2016

by Liam Randall,

Summary : In the last three years the Bro Platform has taken the network monitoring scene by storm: integrated into dozens of products, included in NSM live CDs and deployed into environments of all sizes. In this fast paced crash course attendees will get hands on training with the latest 2.4 release of Bro. We'll cover the default log model, handling intelligence, dynamically extract files on the fly and examine common attacks such as SQL injection and webshells.
Requirements: A computer and keyboard capable of running SSH to connect to an external live environment