Intro to Traffic Analysis and Suricata Signature Development Lab - Bsides SLC 2022

ishaughnessy · January 10, 2023, 10:55pm

Interested in learning how to write signatures but need some help getting started? Check out our Traffic Analysis and Suricata Signature Development Lab given at BSidesSLC 2022.

The lab walks through the process of building a signature from scratch to detect CnC exfiltration. Download the VM, follow along and learn how to use Dalton to test your signatures!

VM, Slides, Recording: BSidesSLC 2022 - Google Drive

samjenk · June 4, 2023, 3:11pm

Good tutorial, thanks for posting! I didn’t have time to work through the examples, but as a consumer of signature feeds, it was informative context to see the presenter work through them.

Topic		Replies	Views
About the Rule Signatures category Rule Signatures	0	1599	September 12, 2022
Rockwell cve 2023-3595 and 2023-3596 signatures Rule Signatures	0	617	July 20, 2023
Suricata: An Operator's Guide - Revisions Show and Tell	1	631	July 31, 2023
Weekly Community Review - January 13, 2023 Announcements	0	183	January 13, 2023
Weekly Community Review - February 3, 2023 Announcements	0	220	February 4, 2023

Intro to Traffic Analysis and Suricata Signature Development Lab - Bsides SLC 2022

Related topics