Open Source Cyber Threat Intelligence for Absolute Beginners

This meetup is all about open source intelligent cyber threat detection. I am delighted that we were able to bring Klaus Agnoletti from CrowdSec to Vienna. It is our pleasure to welcome you to a 2 hours hands-on workshop to intelligent cyber threat detection. Important: Bring your own laptop!

This is the on-site registration page. To register for the online event, follow this link: https://community.cncf.io/e/mwgwyf/

Content

You are going to install and configure CrowdSec, a FOSS IDS/IPS tool that reads log, detects attacks, and shares information about those attacks with other users in an anonymous way.
You will configure the NGINX bouncer, which mitigates threats based on information from the CrowdSec agent and the community. You'll also learn the basics of what CTI (Cyber Threat Intelligence) is, how it works and how it can help you protect your infrastructure.

Prerequisites

Intermediate Linux skills; know how to edit a file, and restart services. Knowledge of Docker is an advantage.

Agenda

* Introduction to CTI and CrowdSec
* Installing CrowdSec and NGINX bouncer
* Configuring NGINX bouncer with ReCAPTCHA remediation
* Working with CrowdSec cscli
* Loading cold logs into CrowdSec
* Visualizing using Metabase and CrowdSec Consoles
* CrowdSec console features

Who this workshop is for

Audience is everybody from your average self-hoster to professional sysadmins, devops and devsecops who have a bit of Linux experience and know their way around text editing, installing software from packages and restarting services.

Thanks

Special thanks to TTTech for hosting the event.