Bro is a popular open-source intrusion-detection tool that the University of Oklahoma has been using for several years with much success. It has become the source of record for all network traffic and allows our teams to perform forensic analyses on events and incidents. Last year we bought out the lease of the university's old supercomputer. With 300+ high-compute nodes now available, we're going from 8 nodes to 40 nodes with a 40-node Elasticsearch front end. Come see the results! This is a topic-specific/intermediate-level session.
Outcomes:
* Learn about Bro as an IDS tool
* See what a scaled environment can do with Bro
* Find examples of how to start