Machine Learning with Zeek and Tensorflow (Part 1): Talking to Zeek

How do you get your packet and stream data out of Zeek so that you can use it in Machine Learning? How can you classify your network data using TensorFlow? How can you detect anomalies and anomalous protocols on your network for threat hunting in real time? Come join us for packets, python, and fun! In this first episode, our goal is to establish Broker communications between Zeek and an external Python script. Once that’s working, we’ll turn our attention to creating a Zeek script that can send the start of the stream data to our Python script for future classification. David Hoelzer, the operations chief for Enclave Forensics, Inc. and a managing partner with Occulumen, Ltd. (and SANS Fellow) will lead this livestream. David has more than thirty years of experience in the IT and cybersecurity fields, with more than 25 years specifically in the network monitoring, SOC operations, and incident response fields. He leads the machine learning function within Enclave Forensics and is the author of both SEC503 (Intrusion Detection In-Depth) and SEC595 (Applied Data Science and Machine Learning/AI for Cybersecurity Professionals). More Info About: David Hoelzer: https://www.sans.org/profiles/david-h... SEC503: Intrusion Detection In-Depth https://www.sans.org/cyber-security-c... SANS SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals https://www.sans.org/cyber-security-c... #tensorflow #machinelearning #ai #ml #machinelearning #zeek #networking #datascience #python