Intrusion detection is a foundational skill for many cybersecurity careers. Learn how intrusion detection works in action in this live webcast. Then take these free intrusion detection system (IDS) tools and start building your skills.
Join Infosec Skills author Mark Viglione on March 8 at 11 a.m. CST to learn all about:
What is intrusion detection?
How intrusion detection fits into different career paths
Live demo of Zeek for log analysis
Live demo of Elastic SIEM for incident response
Plus your live intrusion detection and career questions
Learn intrusion detection: Using Zeek and Elastic for incident response
2. Meet the panel
Mark Viglione
Infosec Skills author & Founder of Enigma Networkz
Jeff Peters
Director of Content Marketing, Infosec
3. Today’s webcast
⮚ Intrusion detection overview
⮚ MITRE ATT&CK and intrusion detection
⮚ Intrusion detection demo
⮚ Use case
⮚ Tools
⮚ Zeek demo
⮚ Elastic demo
⮚ Q&A
4. More cybersecurity training resources
Learn intrusion detection with Mark Viglione
⮚ Advanced Intrusion Detection learning path
⮚ Read Mark’s intrusion detection blogs
Free resources from Infosec
⮚ Create your free Infosec Skills account
⮚ Infosec Skills Monthly Challenge
⮚ Infosec YouTube channel
⮚ Infosec Accelerate Scholarship
5. Intrusion detection overview
Intrusion detection is a way to detect if any unauthorized activity is occurring on your network or any of your endpoints/systems.
Jobs that require IDS knowledge and skills:
⮚ SOC analyst
⮚ Cybersecurity analyst
⮚ Cyber threat hunter
⮚ Network security engineer
⮚ Systems engineer
⮚ Penetration tester
6. Intrusion detection overview: 3 types
Signature-based detection involves detecting previously known vulnerabilities and attacks
Rule-based detection uses a set of rules to determine whether an activity is suspicious
Anomaly detection uses methods like machine learning to detect previously unknown threats
8. Intrusion detection demo: Use case and tools
Intrusion detection example
⮚ Generating Zeek logs from Brim
⮚ Uploading to Elastic, an open-source security information and event management (SIEM) tool
⮚ Exploring the data, walking through a dashboard and setting up detections
Demo
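As an added illustration (not code from the webcast, Zeek or Elastic), this Python example parses a Zeek TSV conn.log and applies a rule-based check and an anomaly check, two of the three detection types from slide 6. The log lines, the forbidden-port policy and the `factor` threshold are constructed assumptions, and a median baseline stands in for the machine-learning methods the slide mentions.

```python
from collections import defaultdict
from statistics import median

# Constructed sample in Zeek's TSV log layout (conn.log trimmed to a few columns).
FIELDS = ["ts", "uid", "id.orig_h", "id.resp_h", "id.resp_p", "proto", "conn_state"]
ROWS = [
    ("1646751600.1", "C1", "10.0.0.5", "10.0.0.20", "443", "tcp", "SF"),
    ("1646751601.2", "C2", "10.0.0.6", "10.0.0.20", "443", "tcp", "SF"),
    ("1646751602.3", "C3", "10.0.0.7", "10.0.0.21", "23", "tcp", "SF"),
    ("1646751603.4", "C4", "10.0.0.7", "10.0.0.20", "53", "udp", "SF"),
] + [("1646751610.%d" % p, "S%d" % p, "10.0.0.9", "10.0.0.20", str(p), "tcp", "REJ")
     for p in range(8000, 8012)]  # one host probing 12 ports, all rejected
SAMPLE = "\n".join(["#separator \\x09", "#path\tconn", "#fields\t" + "\t".join(FIELDS)]
                   + ["\t".join(r) for r in ROWS] + ["#close\t2022-03-08-11-00-00"])

CLEARTEXT_PORTS = {"21", "23"}  # hypothetical policy: no FTP/Telnet on this network

def parse_zeek_tsv(text):
    """Parse a Zeek TSV log into dicts keyed by the names on its #fields line."""
    fields, records = [], []
    for line in text.splitlines():
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#"):  # skip metadata such as #path, #close
            records.append(dict(zip(fields, line.split("\t"))))
    return records

def rule_hits(records):
    """Rule-based: uids of established (SF) connections to a forbidden port."""
    return [r["uid"] for r in records
            if r["id.resp_p"] in CLEARTEXT_PORTS and r["conn_state"] == "SF"]

def anomalous_sources(records, factor=5):
    """Anomaly-based: sources reaching far more distinct host:port pairs than the median."""
    targets = defaultdict(set)
    for r in records:
        targets[r["id.orig_h"]].add((r["id.resp_h"], r["id.resp_p"]))
    baseline = median(len(s) for s in targets.values())
    return sorted(h for h, s in targets.items() if len(s) > factor * baseline)

if __name__ == "__main__":
    recs = parse_zeek_tsv(SAMPLE)
    print("rule hits:", rule_hits(recs))
    print("anomalous sources:", anomalous_sources(recs))
```

The rule only fires on the port it names, while the baseline check flags the scanning host without any port being listed in advance; the `factor` value is exactly the kind of setting that tuning adjusts.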
9. Intrusion detection: What’s next?
Visibility is crucial for blue teams and network defenders. You set up the rule. Now what?
⮚ Tuning: Huge part of building valuable detections
⮚ Alert fatigue: Prioritizing alerts/detections
⮚ Choice of tools: Many different tools, how to choose?
12. Learn cybersecurity with Infosec Skills
Infosec Skills subscription:
➢ 190+ role-based learning paths (e.g., Ethical Hacking, Digital Forensics, Advanced Intrusion Detection)
➢ 100s of hands-on labs in cloud-hosted cyber ranges
➢ Custom certification practice exams and skill assessments aligned to key cybersecurity roles
Infosec Skills live boot camp:
➢ Live, instructor-led training (in-person or live online)
➢ Free annual Infosec Skills subscription
➢ 1-year extended access to all boot camp video replays and materials
➢ Exam voucher and Exam Pass Guarantee
infosecinstitute.com/skills
13. Free year of Infosec Skills
And the winner for a one-year subscription to Infosec Skills (valued at $599) is …
infosecinstitute.com/skills
14. About us
Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home.
www.infosecinstitute.com