[Suricata Webinar] [Mar 11] Incident Response and Network Monitoring with Suricata

Next week, on March 11, Ladislav Bačo is back for part 2 of his webinar! After the Suricata in the homelab and SOHO webinar, let’s focus on Incident Response and Network Monitoring.

Building on foundational network monitoring, this webinar explores incident response from a strong network perspective. Suricata’s detailed logging generates a lot of useful events in addition to its alerts, offering valuable metadata and behavioral insights even when traffic is encrypted (without any payload decryption).

Using examples from real-world scenarios and a controlled simulated phishing attack with malware, we will walk through practical analysis of Suricata’s eve.json logs. You’ll learn how to leverage various event types—such as DNS, HTTP, TLS, fileinfo, and flow records—to reconstruct attack timelines, identify suspicious patterns, and support faster decision-making in SOHO or home network investigations.
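As an added illustration of the kind of analysis described above (example code, not material from the webinar or the Suricata project), the following script parses newline-delimited eve.json records, gives each event type a one-line summary, and rebuilds a per-host timeline with the `flow_id` kept so that the HTTP request, its `fileinfo` record and the resulting alert can be tied to one connection. The sample events, hosts and names are constructed for this example.

```python
import json

# Constructed sample eve.json lines, one JSON event per line as Suricata
# writes them. Hosts, names, ids and timestamps are made up for this example.
SAMPLE_EVE = """\
{"timestamp":"2025-03-11T16:00:01.000000+0000","flow_id":101,"event_type":"dns","src_ip":"192.168.1.20","dest_ip":"192.168.1.1","dns":{"type":"query","rrname":"update-check.example","rrtype":"A"}}
{"timestamp":"2025-03-11T16:00:02.000000+0000","flow_id":202,"event_type":"http","src_ip":"192.168.1.20","dest_ip":"203.0.113.5","http":{"hostname":"update-check.example","url":"/invoice.exe","http_method":"GET","status":200}}
{"timestamp":"2025-03-11T16:00:02.500000+0000","flow_id":202,"event_type":"fileinfo","src_ip":"192.168.1.20","dest_ip":"203.0.113.5","fileinfo":{"filename":"/invoice.exe","magic":"PE32 executable","size":51200}}
{"timestamp":"2025-03-11T16:00:03.000000+0000","flow_id":202,"event_type":"alert","src_ip":"203.0.113.5","dest_ip":"192.168.1.20","alert":{"signature":"EXAMPLE POLICY executable download over HTTP","severity":2}}
{"timestamp":"2025-03-11T16:00:10.000000+0000","flow_id":303,"event_type":"tls","src_ip":"192.168.1.20","dest_ip":"198.51.100.7","tls":{"sni":"c2.example","version":"TLS 1.2"}}
{"timestamp":"2025-03-11T16:05:10.000000+0000","flow_id":303,"event_type":"flow","src_ip":"192.168.1.20","dest_ip":"198.51.100.7","flow":{"bytes_toserver":900,"bytes_toclient":45000,"age":300,"state":"closed"}}
"""

def parse_eve(text):
    """Parse newline-delimited eve.json; blank or malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        try:
            events.append(json.loads(line))
        except json.JSONDecodeError:
            continue
    return events

def summarize(ev):
    """One-line description of an event, keyed on its event_type sub-object."""
    t = ev.get("event_type")
    d = ev.get(t, {})
    if t == "dns":
        return f"{d.get('type')} {d.get('rrname')}"
    if t == "http":
        return f"{d.get('http_method')} {d.get('hostname')}{d.get('url')} -> {d.get('status')}"
    if t == "tls":
        return f"SNI {d.get('sni')} ({d.get('version')})"  # metadata only, no decryption
    if t == "fileinfo":
        return f"{d.get('filename')} magic={d.get('magic')} size={d.get('size')}"
    if t == "flow":
        return f"{d.get('bytes_toserver')}B up / {d.get('bytes_toclient')}B down, {d.get('age')}s"
    if t == "alert":
        return f"{d.get('signature')} (sev {d.get('severity')})"
    return t

def build_timeline(events, host):
    """Events where host is src or dest, sorted by timestamp; flow_id is kept
    so records of one connection (http + fileinfo + alert) can be grouped."""
    rows = [(e["timestamp"], e.get("flow_id"), e["event_type"], summarize(e))
            for e in events if host in (e.get("src_ip"), e.get("dest_ip"))]
    return sorted(rows)
```

Sorting on the raw timestamp string works here because Suricata emits a fixed-width ISO 8601 format; convert to `datetime` if you merge logs from sensors in different time zones.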

This session is recommended for security practitioners who want to integrate network forensics into their incident response workflows, with practical tips on making Suricata data more actionable in broader IR processes.

Ladislav Bačo is a Senior Security Consultant, Malware Analyst and Network Analyst with more than 10 years of experience in computer security, computer science and education. He currently works as a Network Analyst at ESET, focusing on Network Forensics, Threat Hunting, Threat Intelligence and Intrusion Detection research.

Save the date

  • March 11 (Wednesday)
  • 4 PM UTC

Register to watch live via Zoom: Webinar Registration - Zoom