One Day Corelight Foundational Training EMEA

Come learn about Zeek and Corelight in our one-day training

Not currently available

There are no seats available for purchase at this time.

About this course

We will spend 7 hours covering the following topics. 

Why NTA? Why Zeek? Why Corelight?

An overview for new users of how Zeek compares with other network traffic data, and how Corelight enhances Zeek.

Using Corelight Data for Incident Response

Incident Response: Through hands-on exercises, we’ll complete an investigation, including file extraction, using only network data.

Using Corelight Data for Threat Hunting

Threat Hunting: We’ll talk through lots of threat hunting use cases and stories of hunts we have been on using network traffic. 

Encrypted Traffic Collection & Command and Control Collection

Corelight’s research continues to extend visibility above and beyond open-source Zeek. We will talk about what we can see in encrypted traffic and also cover command and control.

Capture The Flag competition

We’ll apply Corelight data in a variety of scenarios, including internal hosts compromised by malware infections and externally exposed hosts being compromised. Participants will need speed and precision to find artifacts and assemble the attack’s storyline and workflow. An instructor will answer 1:1 questions and guide students through the challenge questions.
