Defending Black Hat: How Corelight leverages Zeek, Suricata, and AI at the BlackHat NOC

SPEAKERS

Ignacio Arnaldo

Director of Data Science, Corelight

Register for the webinar

When: 21 October at 10 AM GMT

Explore how we leverage our pillar technologies—namely Zeek, Suricata, and AI—to monitor and respond to threats against the BlackHat conference.

The BlackHat NOC is a collaborative effort between some of the industry's best vendors and products, with Corelight focusing on Network Detection and Response.

After nearly two years on the global conference circuit, I am excited to share insights and lessons learned from this unique and complex network, including how we leverage LLMs to improve alert triage in offensive security trainings. We’ll conclude with a few anecdotes from our investigations, highlighting our approach to threat detection in this unique environment.

SPEAKER:

Ignacio Arnaldo

Director of Data Science, Corelight

I am lucky to work as a data scientist at Corelight with the creators and maintainers of Zeek, the open source network security monitoring tool. I'm also honored to be part of the BlackHat NOC, a collaborative effort with the industry's top talent and products. My focus is to use machine learning to solve network security challenges (and there are quite a few!). I am interested in building systems that can put machine learning to use, threat detection and pentesting. Before Corelight, I worked at PatternEx, an early stage AI startup focused on threat detection. In another life, I was a researcher at CSAIL, MIT and received my PhD in computer science from Universidad Complutense in 2013.