When people think of an open source IDS, they usually think of Snort. Bro is another open source option, and it is more than just an IDS: it is a Network Security Monitor that does so much more. Matt Domko joins me this week to talk about Bropy, a tool he built that works with Bro to help perform anomaly detection. This is definitely a tool you will want to have in your bag of tricks.
Some links of interest:
- Bro Homepage: https://www.bro.org/
- Bropy: https://github.com/hashtagcyber/bropy
- Matt’s Twitter: @Hashtagcyber
- Matt’s Bropy Talk at Security Onion Con: https://www.youtube.com/watch?v=LzFNOuaYc0g
Want to reach out to the show? There are a few ways to get in touch:
- Show Twitter: @PurpleSquadSec
- John’s Twitter: @JohnsNotHere
- Website: purplesquadsec.com
- Slack Sign-Up Link: https://signup.purplesquadsec.com
- John’s Peerlyst Profile: https://www.peerlyst.com/users/john-svazic
Thanks for listening, and I will talk with you again next time!