Zeek (Bro) Workshop Europe 2019

from Tuesday, 9 April 2019 (11:30) to Thursday, 11 April 2019 (13:30)
CERN (IT Amphitheatre)

        : Sessions
    /     : Talks
        : Breaks
9 Apr 2019
10 Apr 2019
11 Apr 2019
AM
11:30
Registration and lunch (until 13:00) (31-3-004 - IT Amphitheatre)
08:15
Visit of CERN facilities (until 10:00) (31-3-009 - IT Amphitheatre Coffee Area)
10:15
Workshop presentations (until 11:45) (31-3-004 - IT Amphitheatre)
10:15 Running Zeek on the WAN: Experiences and solutions for large scale flow asymmetry - Scott Campbell (Unknown)   (31-3-004 - IT Amphitheatre)
10:45 DNSSEC protocol parser - A case study - Ms Fatema Bannat Wala (University of Delaware)   (31-3-004 - IT Amphitheatre)
11:15 The new Zeek Configuration Framework - Ms Amann Johanna (ICSI/Corelight/LBL)   (31-3-004 - IT Amphitheatre)
11:45
Lunch (until 13:15) (CERN Restaurant no. 2)
08:00
Breakfast (until 09:00) (31-3-009 - IT Amphitheatre Coffee Area)
09:00
Workshop presentations (until 10:30) (31-3-004 - IT Amphitheatre)
09:00 Without “U” there is no CommUnity: Nurturing and growing an active and contributing community - Ms Amber Graner (Corelight)   (31-3-004 - IT Amphitheatre)
09:30 Threat hunting @ Mozilla - Mr Michal Purzynski (Mozilla Corporation)   (31-3-004 - IT Amphitheatre)
10:00 Q&A Session with the Zeek Team   (31-3-004 - IT Amphitheatre)
10:30
Workshop wrap-up (until 11:30) (31-3-004 - IT Amphitheatre)
PM
13:00
Workshop presentations (until 15:00) (31-3-004 - IT Amphitheatre)
13:00 Opening remarks - Frederic Hemmer (CERN)   (31-3-004 - IT Amphitheatre)
13:10 Keynote: Finding the balance between academic freedom, operations and security - Stefan Lueders (CERN)   (31-3-004 - IT Amphitheatre)
14:00 How did we get here? - Prof. Vern Paxson (UC Berkeley / Corelight / ICSI)   (31-3-004 - IT Amphitheatre)
14:30 Real time ingestion of MISP threat intel into Zeek coupled with historical SIEM threat hunting - Liviu Valsan (CERN) Dr Matthias Vallentin (Tenzir)   (31-3-004 - IT Amphitheatre)
15:00
Coffee break (until 15:45) (Restaurant 2 - Coffee Area)
15:45
Workshop presentations (until 16:45) (31-3-004 - IT Amphitheatre)
15:45 Looking Forward: On Supervisors, Packages, and Sandboxes - Robin Sommer (Corelight / ICSI / LBNL)   (31-3-004 - IT Amphitheatre)
16:15 Email security auditing and alert triage with Zeek - Mr Barry Weymes   (31-3-004 - IT Amphitheatre)
17:00
Welcome reception (until 18:30) (CERN Restaurant no. 2)
13:15
Workshop presentations (until 14:45) (31-3-004 - IT Amphitheatre)
13:15 Selective Packet Capture at High Speed Rates - Dr Jordi Ros-Giralt   (31-3-004 - IT Amphitheatre)
13:45 Network Cartography Using Passive Traffic Analysis - Vivien Venuti   (31-3-004 - IT Amphitheatre)
14:15 A deep dive into the Zeek logging framework - Christian Kreibich (Corelight)   (31-3-004 - IT Amphitheatre)
14:45
Coffee break (until 15:30) (Restaurant 2 - Coffee Area)
15:30
Workshop presentations (until 17:00) (31-3-004 - IT Amphitheatre)
15:30 DHCP Overhaul - Mr Seth Hall (Corelight)   (31-3-004 - IT Amphitheatre)
16:00 JA3 and Windows hosts - Mr Jeff Atkinson (Verizon Media)   (31-3-004 - IT Amphitheatre)
16:30 Using Zeek Endpoint Event Logs when Fishing within a Data Lake - Mr Tim Larson   (31-3-004 - IT Amphitheatre)
Your browser is out of date!

Update your browser to view this website correctly. Update my browser now

×