Seminar Series

Virtual seminars on basic network threat hunting and security

OmniSOC member universities University of Nebraska, Rutgers University and Indiana University are partnering with Elastic Company to offer a series of virtual seminars on basic network threat hunting and security this July. Interested students and staff of OmniSOC member universities are encouraged to contact their school's representative (listed below) to discuss enrollment in the series. The series will consist of eight seminars, each approximately three hours long, presented over Zoom, and will include presentations, Q&A sessions, and lab work. OmniSOC staff are excited to have this opportunity to partner with Elastic to bring this series to our staff and student communities. We anticipate a full house for this event, so please sign up early!

REGISTRATION IS NOW CLOSED

We received an overwhelming response, and registration for this year’s Seminar Series is now closed. If you’d like to be put on the wait list, please send an email to cyberint@iu.edu.

Registrants and wait-listed individuals will be notified of their status by June 29th.

OmniSOC Virtual Seminar Series with Elastic Co.

July 6th – 30th, 2020

CSM Cyber Foundations Training

Tuesday, July 7th: 2pm – 5pm – Elastic Day 1 – Intro to Linux, how to run commands

  • Overview: 
    • This course will familiarize students with the Linux operating system and help them navigate the command line. Students will learn how to create and manipulate files as well as run commands in conjunction to perform simple searches and filtering of text.
  • Topic Areas: 
    • Design Principles
    • CLI Fundamentals (w/ lab)
    • Using Editors (w/ lab)
    • Searching & Filtering (w/ lab)

Thursday, July 9th: 2pm – 5pm – Networking Fundamentals

  • Overview: 
    • This course will give students an overview of networking topics, focusing primarily on the TCP/IP stack. Application layer topics will also be covered. Students will be provided with packet captures for a Wireshark exercise.
  • Topic Areas: 
    • TCP/IP stack
    • SMTP/HTTP/DNS/etc.
    • Wireshark decoding

Tuesday, July 14th: 2pm – 5pm – Elastic Day 3 – Zeek / Signature Engine 

  • Overview:  
    • This course will familiarize students with Zeek and its ability to analyze network traffic. Students will create, view, and search Zeek ASCII logs in order to gain a better understanding of what data is provided by Zeek.
  • Topic Areas: 
    • What is Zeek?
    • Zeek Project History
    • Running Zeek from the Command Line (w/ lab)
    • ASCII Logs Overview (w/ lab)
    • Filtering and Sorting Data (w/ lab)
    • Capture the Flag (w/ lab)
    • IU provides a short 30-minute session on Signature Engines

Thursday, July 16th: 2pm – 5pm – Elastic Hands-on exercises using the tools from Day 1 

  • Overview:
    • This course will familiarize students with Kibana and its ability to filter and visualize data in a clear and concise picture. Students will learn how to filter and search using the Lucene query syntax and will learn how to navigate and filter pre-made dashboards.
  • Topic Areas:
    • Kibana Overview
    • Lucene Searching
    • Filtering
    • Dashboards

Kibana Threat Hunting

Tuesday, July 21st: 2pm – 5pm – Elastic Threat Hunting

  • Overview: 
    • This course will have students searching through a snapshot in time to find malicious activity that took place. Students will utilize a capture the flag environment to help guide them in their pursuit of discovering what malicious activity took place.
  • Topic Areas:
    • Individual hunt Day 1

Thursday, July 23rd: 2pm – 5pm – Elastic Threat Hunting

  • Overview: 
    • This course will have students searching through a snapshot in time to find malicious activity that took place. Students will utilize a capture the flag environment to help guide them in their pursuit of discovering what malicious activity took place.
  • Topic Areas:
    • Individual hunt Day 3

Incident Response and Guest Speakers

Tuesday, July 28th: 2-5pm Incident Response Process and Forensic Analysis

  • Overview: 
    • This course will be split into two sections. The first part of the day will cover incident response. Students will hear stories of how IR functions when an event occurs. The second part of the day will cover forensic analysis and how it fits into incident response.
  • Topic Areas: 
    • How Incident Response works and why it is important.
    • Tales from the trenches
    • Forensic Analysis and how it fits in with IR

Thursday, July 30th: 2-5pm View from the CISOs Office

  • Overview: 
    • TBD