Zeek Webinar Wed, Nov 6th, 10am Pacific: How Zeek Helps Secure Open Science by Aaron J. Scantlin, NERSC

Join us on Wednesday, November 6th at 10am Pacific for the webinar “How Zeek Helps Secure Open Science”.

The Speaker is Aaron J. Scantlin, from NERSC.

Register here, and also note our list of upcoming webinars.

Abstract:

The National Energy Research Scientific Computing (NERSC) Center, an enclave of Lawrence Berkeley National Lab, is an “open science” research facility dedicated to making HPC resources accessible for researchers and their data accessible to the world. In environments such as these, every CPU cycle spent on security is seen as a CPU cycle not spent on science – and to that end, the NERSC Security team relies heavily on Zeek to passively monitor up to 1Tbps of traffic traversing the border. Additionally, the NERSC Security team leverages Zeek (in conjunction with fluentd) as a “SIEM on a stick” to ingest SSH logs – join NERSC Security team member Aaron Scantlin for an overview of their use case, cluster architecture and maintenance processes.

Bio:

Aaron J. Scantlin is a cybersecurity engineer for the National Energy Research Scientific Computing (NERSC) Center at Lawrence Berkeley National Lab, as well as a former adjunct instructor in the College of Engineering at University of Missouri – Columbia. Aaron has been a Zeek Geek for so long he’s a Bro Bro! His first talk involving Zeek was a talk entitled “Home Network Security Monitoring on the Cheap” at SecKC in 2016 and he has found himself using Zeek in some capacity ever since. Energetic and passionate (sometimes to a fault), this talk will be sure to both inform and entertain.