• moving to https://github.com/ccdcoe/CDMCS

Cyber Defence Monitoring Course Suite (CDMCS)

This material has been designed to be taught in a classroom environment.

The material is missing some of the contextual concepts and ideas that will be covered in class.

This is 3 x ( .5 + 3 + .5 ) days of material for any intermediate-level dev-ops who has some experience with other security|monitoring tools and wants to learn Suricata, Bro and Moloch. We believe these classes are perfect for anyone who wants a jump start in learning Suricata, Bro and Moloch or who wants a more thorough understanding of the three and their internals.

Minimal Qualified Student

TODO ....

Before You Come To Class

Please visit:

• http://suricata-ids.org/
• https://www.bro.org/
• https://github.com/aol/moloch

Historical material:

• vagrant multi-machine: Moloch, Bro,Suricata,ElasticSearch,Kibana
• Getting started with Network Forensics

Go to the material

.	Suricata	Bro	Moloch
day 0 :: intro	*	*	*
day 1 :: single box	*	*	*
day 2 :: cluster	*	*	*
day 3 :: advanced	*	*	*
day +1 :: wrapup	*	*	*

Current Classes

• Suricata :: Rule-based Threat Detection Course
• Bro :: Semantic Network Security Monitoring Course
• Moloch :: Large-Scale Packet Capture Analysis Course

Teachers

• hillar
• regit
• markuskont
• mpihelgas

Thanks

pevma, inliniac, jasonish