Join OISF and Stamus Networks for a webinar to introduce the new Splunk App for enterprise Suricata deployments. This webinar will be led by Éric Leblond, the lead developer of the app and a senior developer of Suricata.
Enterprises deploying multiple Suricata sensors need a way to consolidate the logs, events and alerts from those sensors into a “single pane of glass” to efficiently correlate, analyze, search, and gain insights into their overall enterprise network security posture.
Recently, Stamus Networks announced the general availability of its application for Splunk, which supports both Suricata sensors and Scirius Security Platform. The app is open source, free, and currently available for download on Splunkbase.
This is a free webinar but seats are limited. To register, go to our EventBrite page: https://www.eventbrite.com/e/suricata-and-splunk-tap-into-the-power-of-suricata-with-the-new-splunk-app-tickets-128175800269?ref=estw
Suricata is recognized as the de facto standard network intrusion detection system (IDS), but it is less well known for its network security monitoring (NSM) capabilities, which can rival those of other dedicated NSM software. This webinar will highlight both dimensions: it will demonstrate advanced analytics and anomaly detection on the IDS side, and it will use Splunk search and dashboards to demonstrate the NSM side, which can provide deep insight into your network activity.
What you can expect:
- Learn the basic capabilities of the Splunk App
- Explore the benefits of the app through several real-world use cases
- Gain a greater understanding of both the IDS and NSM capabilities of Suricata
- Understand the importance of Splunk’s Common Information Model
- Learn where you can find additional information
- Q&A with the App’s lead developer
Who should attend:
- Threat hunters, incident responders and other security practitioners who use Splunk
- Current Suricata and Splunk users who wish to learn the value of the dedicated app
- Suricata users who are considering Splunk in their enterprise
- Enterprise Splunk users considering deploying Suricata in their network
The App provides a powerful set of dashboards and query capabilities. These dashboards include one specifically designed to assist Zeek users in becoming familiar with the advanced Suricata network security monitoring features such as TLS information from SMB or Kerberos activity, HTTP hosts and many other protocol transactions.
Speaker: Éric Leblond
CTO of Stamus Networks, OISF Executive Council Member, and Suricata Senior Developer
Éric is the Chief Technology Officer of Stamus Networks, and the lead developer of the Stamus Networks App for Splunk. He has more than 15 years of experience as co-founder and CTO of cybersecurity software companies and is an active member of the security and open source communities. Since 2009, he has been one of the core developers of Suricata. He is also part of the OISF executive council and the Netfilter Core team for the Linux kernel’s firewall layer.