Corelight Blue Team CTF

corelight

Saturday night // 7pm // 205AB

Overview

Bring your team for an immersive lab-based, instructor-led defensive Capture the Flag exercise with Corelight. Participants will dive into one or more real-world scenarios to detect and respond to threats using logs from Corelight’s Open NDR.

Agenda

  • Introduction to Zeek: Brief overview of Zeek and its role in network security. Understanding how to leverage Zeek data for threat detection.
  • Hands-on Hunting: Participants will actively engage in a variety of hunting exercises across different protocols. Use your wits to identify and respond to potential threats discovered in Zeek data. Questions are encouraged, but participants have full control at the keyboard.
  • Competition and Scoreboard: Participants compete against each other in a friendly competition. Scores will be tracked on a real-time scoreboard.
  • Debriefing: Discussion on the attacks witnessed during the exercise. Brief overview of how Corelight can enhance threat detection and response capabilities.
  • Corelight Integration: Learn how Corelight can be integrated into your network defense strategy. Understand the added value Corelight brings to Zeek-powered threat detection.

Requirements

Each participant will need their own laptop, a standard web browser, and a connection to the Internet.

Continuing Professional Education (CPE)

Participants may request a certificate documenting their participation in the Capture the Flag exercise for CPE credits, to help maintain Information Security certifications.

Conclusion

Whether this exercise is administered by your Sales Engineer or as part of a formal Corelight training, participants will build their understanding of the power of Corelight. At the end of the event, participants will not only have honed their threat detection skills but will also have gained insights into leveraging Corelight for effective network defense.

Event brief