Dear all,
We would like to advertise the next WLCG Security Operations Center Working Group Workshop, which
will take place at CERN and remotely via Vidyo on 27-29th June 2018 (
https://indico.cern.ch/event/71
7615/). The Workshop will take place all day on the 27th and 28th, and the morning of the 29th.
The format will be that of a hands-on hackathon with the aim of helping attendees with deployment of
security tools like Bro and MISP at their local sites. Documentation for the deployment of MISP and
Bro can be found here:
http://wlcg-soc-wg-doc.web.cern.ch/. Sites are encouraged to identify
resources and follow these instructions prior to the workshop to allow for assisted deployments.
Following on from the first Workshop in December 2017 (
https://indico.cern.ch/event/676160/), this
time we will spend time focusing on the following areas:
- Initial steps covering most of the topics from the first workshop, particularly aimed at newcomers
- Network topologies, traffic mirroring and optical taps
- Elasticsearch and associated tools
- Advanced aggregation, correlation and enrichment of generated alerts
Additional resources can be found at the working group website:
https://wlcg-soc-wg.web.cern.ch/. If
you are interested in attending please register on the Indico page:
https://indico.cern.ch/event/717615/registrations/
If you require a visitor's pass to attend in person, please make a note of this in the registration.
In addition, there is expected to be high occupancy of the CERN Hostel for these dates, so you can
find a page with additional accommodation options here: https://indico.cern.ch/event/717615/page/135
37-accommodation.
Best wishes,
David Crooks
Liviu Valsan