This training enables Snort users to develop and implement Snort rules themselves. The training focuses on Snort rules language and looks at general syntax, best practices and optimization of the rule. Participants will analyze network traffic in case studies and develop their own rules for recognizing the Developing attacks. Participants can test whether they can effectively protect their own systems against attacks with their rules can protect.
Prerequisites: Participants should have experience operating a Snort sensor. Ideally they have attended the course “Intrusion Detection with Snort”.