Most of my training is private. I wanted to let you know of a few public one-day or more classes I will be providing in the coming months. I will teach a one day course on Network Security Monitoring with Open Source Tools at the USENIX 2006 Annual Technical Conference in Boston, MA on Friday, 2 June 2006. This is the course to attend if you want to learn the essential components of network security monitoring. We will use tools on my Sguil VM in this class.
I am happy to report that USENIX accepted a proposal for a new class as well. I will teach a brand new, two day course called TCP/IP Weapons School at USENIX Security 2006 in Vancouver, BC on 31 July and 1 August 2006. Are you a junior security analyst or an administrator who wants to learn more about TCP/IP? Are you afraid to be bored in routine TCP/IP classes? TCP/IP Weapons School is the class you need to take!
USENIX LISA will take place 3-8 December 2006 in Washington, DC. I plan to propose either or both of the following new classes for that conference: (1) Enterprise Network Instrumentation and (2) Detecting Intrusions with Snort and Sguil. The first class will be one day, and will cover issues related to accessing network traffic for security monitoring and prevention purposes. The second class will also be one day, and will describe how to install, operate, and optimize a Sguil-based incident detection system. I may be asked to present other material; we'll see.
I will be unable to travel during the last four months of the year. (Luckily USENIX LISA will be in my back yard.) If you are considering approaching me to teach a class for your organization, please contact me as soon as possible. My schedule is rapidly filling, as are the seats in my only public Network Security Operations class this year -- 13-16 June 2006 in Fairfax, Virginia. Discounted registration ends soon.
Check out my events page for details on other teaching and speaking engagements.