Distributed Sensor Network Using Suricata on a Brazilian Academic Network

  • Published: 3 Aug 2024
  • Presented at SuriCon 2022 by Rildo Souza
    Driven by the need for greater autonomy in detecting malicious activity on Brazilian academic networks, CAIS/RNP, the Brazilian National Academic and Research Network CSIRT (which serves a constituency of approximately 1500 institutions), developed its monitoring solution based on an open-source network IDS/IPS, Suricata. The solution uses a master-engine model and incorporates additional features and customizations to provide an efficient, easily managed and complete system for proactive detection of network security incidents. This facilitates the day-to-day work of incident handlers and strengthens the CSIRT's incident handling capability, which is one of the core services of any CSIRT.