Advanced Incident Response with Bro

DerbyCon 4.0 - Family Rootz

Presented by: Liam Randall
Date: Sunday September 28, 2014
Time: 16:00 - 16:50
Location: Track 3

Bro is a programming language designed from the ground up for working with network traffic. In this talk we will cover useful tools, tactics and procedures for examining network traffic for incident response. By building a library of reusable components we will equip our IR team with new capabilities to speed up the incident resolution process, with a focus on identifying the real threats facing today's teams. In this demonstration-heavy talk we will review practical cases around attacks on SSL/TLS, SQL Injection, XOR’d content, and more.

Liam Randall

