vZW21 – Day 1 Training Schedule
vZeekWeek 2021 – Day 1 Training Schedule
Don’t forget; register today!
This year there will be two training tracks. This training is free, but registration is required. Attendance will be limited. When registering you will need to pick one of the training tracks: The Zeek Project Training or the Corelight Training. These sessions will be run in parallel.
Signing up for a training session after 24 September 2021 will place you on a waiting list. You will be contacted if a slot becomes available.
(Please note that all times are Pacific Time Zone)
| Day 1 – Training | ||
| Zeek Project Training Track | ||
| 8:00am – 12:00pm | Introduction to Zeek | Fatema Bannat Wala and Keith Lehigh |
|
The Beginner Zeek training is aimed at users who have little to no experience with Zeek. We will introduce you to some basic architecture, show you how to run and customize Zeek on the command line, and give some guidance on how to do basic log analysis. As well, we’ll cover a few frameworks that are useful for getting started with Zeek and give hands-on experience with the Zeek package manager, zkg. If time permits, we’ll give a brief overview of Zeek cluster concepts.
Attendees of this class will have a chance to win a $100 Amazon gift card. Must be in the class to win. PLEASE NOTE: Requirements for this class will be sent after you register. |
||
| 12:00pm 12:30pm | 30 MINUTE BREAK | |
| 12:30pm 4:30pm | Hands on Zeek Scripting | Aashish Sharma |
|
In the hands-on Zeek Scripting training, Aashish Sharma will walk attendees through the fundamentals of Zeek scripting as well as some practical exercises.
Attendees of this class will have a chance to win a $100 Amazon gift card. Must be in the class to win. PLEASE NOTE: Requirements for this class will be sent after you register. |
||
| Corelight and Its Partners Training Track | ||
|
Join Corelight for a full day virtual training session on Corelight. You’ll learn how to deploy and manage
Corelight Sensors and how to use unique Corelight features in your investigations including the Zeek & Suricata integration, C2 detections, and Smart PCAP. Then apply what you’ve learned by building a network monitoring sensor using Corelight@Home–a free and easy way to run Corelight on a Raspberry Pi*. At the end of the day you’ll then learn from Corelight partners like Humio and Chronicle on how to best leverage Zeek data in their platforms.
Don’t have an extra RasPi? Register before September 24th for a chance to win a Raspberry Pi 4 Desktop Kit and managed switch.
PLEASE NOTE: Requirements for this class will be sent after you register. |
||
| 8:00am 10:00am | Corelight 101 – deploy & config & manage | |
| Encrypted Insights – how to use in investigations | ||
| C2 Detections – how to use in investigations | ||
| Zeek/Suricata – how it works, how to use it | ||
| Zeek/PCAP – how it works, how to use it | ||
| C@H – interactive, applying some of what we’ve learned | ||
| 10:00am 10:15am | 15 MINUTE BREAK | |
| 10:15am 11:30am |
Humio Session
Attendees will have a chance to win one Oculus Quest 2. Please note – Must be present to win and located in North America, EMEA, Australia or New Zealand.
|
|
| 11:30am 12:30pm |
Chronicle Session
|
|
12:30pm 1:30pm |
60 MINUTE BREAK | |
| 1:30pm 2:45pm |
Devo Session
Attendees will have a chance to win one Apple TV 4K ($180 value) or one of three $50 Amazon gift cards. Please note – Must be present to win and located in North America, EMEA, Australia or New Zealand.
|
|
| 2:45pm 4:00pm |
Elastic Session
Attendees will have a chance to win one Nintendo Switch ($300 value).
|
|
| 4:00pm TBD |
CLOSING
|
|
* Please note