Tuesday, August 13, 2013

Feedback from Network Security Monitoring 101 Classes

At Black Hat in Las Vegas I taught two Network Security Monitoring 101 (NSM101) classes. This is a new class that I developed this year, after retiring the third edition of my TCP/IP Weapons School. Once again I was glad to have Steve Andres from Special Ops Security there to help students with questions and lab issues.

I wanted to share some feedback from the classes, in case any of you are considering attending an upcoming edition. Currently I'm scheduled to teach at Black Hat Seattle on 9-10 December. I plan to continue offering my class through Black Hat as they expand their training location offerings.

Student feedback from NSM101 included:
  • Great tools, fun labs, very prepared -- a lot of experience from interesting real world scenarios.
  • This course was everything I hoped for and more. Very impressive considering the course is new.
  • One of the best training classes I have ever taken.
  • Richard hosted an exemplary class.
  • I thought the class was excellent, and the content was relevant and informative.
  • The instructor was there when help was needed. I can easily take what I learned here and apply it to my work.
  • Excellent instructor and class. It is nice to learn from true pros who are humble and willing to help.
  • Richard is an excellent speaker. His use of real world examples added value to each lab. The material was easy to understand and very well thought out.
  • The stories behind the scenes and the practical notes (i.e., how to create a team) really helped.
  • Great balance of hands-on and theory.
  • Easy to follow and inspiring, even for an NSM beginner like me.
  • Great companion to the new NSM book.
  • This class was fantastic. I wish I could send my whole department.
  • I look forward to using your book and teaching some of your techniques to my students.

In the "constructive criticism" category, several students recommended that I modify the class description to better suit the class structure. For example, some students didn't realize they would be using Security Onion in the class. A few students told me they would have sent more people from their team if they had a better sense of what the class was going to include. I will fix that for the Seattle edition and future events.

Overall I very much enjoyed teaching the new class. I will make a few tweaks to fix typos but otherwise I am ready to teach again in December. Once the registration form is active I will post it via Twitter.

If you have any questions, please post them as comments here or via Twitter to @taosecurity. Thank you.

7 comments:

ric said...

Hello, are you planning to have these training available also in streaming or recorded ?

I'm interested.

Kirk said...

Can I have that book I pre-ordered yet, or what?

Patrick said...

Sounds like it was a great class.

Anonymous said...

Ditto what Ric said "
Hello, are you planning to have these training available also in streaming or recorded ?"

Richard Bejtlich said...

I have no plans for streaming or recording at this time.

Anonymous said...

Dear Richard,

Very interesting materials considering your background. How can I get these your's a paper class handbook with printed slides, a lab workbook, and the teacher’s guide for the lab questions. a DVD with a recent version of the Security Onion NSM distribution.

Sorry to bother you. I already bought your book. Would like to master it.

Thank you.

Anish

Richard Bejtlich said...

I only make class materials available to students who take the class.