- This event has passed.
Webcast – This Traffic Looks Suspicious… What Should I Do?
June 2 @ 2:00 pm - 3:00 pm EDT
Threat Hunting is the first in a series of steps – finding the traffic that might be malicious. But what’s next? How do we turn the potential threats into actions?
In this webcast, Bill Stearns will go over how to investigate the traffic, classify it, and handle it appropriately. We’ll look at the traffic in more detail, including how to capture more of it. We’ll also look at some excellent sources of information about the IP addresses in question. We’ll also look at whitelisting approaches to handle legitimate traffic for your environment.
This Webcast will be recorded. Join the THREAT HUNTING COMMUNITY Discord Server to engage with the presenters and your fellow attendees during the live session of the webcast: https://discord.gg/ypAJ4Ts
Bill has authored numerous articles and tools for client use. He also serves as a content author and faculty member at the SANS Institute, teaching the Linux System Administration, Perimeter Protection, Securing Linux and Unix, and Intrusion Detection tracks. Bill’s background is in network and operating system security; he was the chief architect of one commercial and two open source firewalls and is an active contributor to multiple projects in the Linux development effort. Bill’s articles and tools can be found in online journals and at http://github.com/activecm/ and http://www.stearns.org.