Security BSides London, the UK’s biggest community-driven infosec conference is happy to announce its 8th iteration open to all regardless of background, skill level, income or job-title.  
  • Doors to the main event open at 8.30am with talks starting at 9am on 6 June 2018
  • Workshops will be held on 5 June 2018 starting at 10am; Pre-registration is required
Please remember that Security BSides London has a strict code of conduct available here.
Back To Schedule
Tuesday, June 5 • 12:30 - 16:30
Do you even sniff, Bro? An Introduction to Bro IDS

Log in to save this to your schedule, view media, leave feedback and see who's attending!

An introduction into Bro IDS, a brilliant open source gem in the Blueteam detection arsenal.  
We'll cover best practise for architecture and implementation, after that it'll be hands on with Bro. Getting deeper we'll analyse some traffic, explore RDP coming from the outside the network, domain frequency for exfil/malware, top ports/talkers etc. We'll show some easy wins and give you useful tips that you can use in your own environment.

Demos, exercises and the material will be available on Github for further exploration.

Laptop, complete with virtualbox. Should have a basic understanding of networks.


Michael Eriksson

Michael Eriksson is a Senior Cyber Security Specialist in Sophos, responsible for global network attack detection systems, protecting Sophos' networks.

Craig Jones

Senior Manager - Security Engineering, Sophos
 Craig is Senior Manager of Security Engineering in Sophos, responsible for detection engineering, IR and security infrastructure.​@albanwr​​​

Tuesday June 5, 2018 12:30 - 16:30 BST
Workshop 4 ILEC Conference Centre 47 Lillie Road London SW6 1UD