Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES) 2.0

The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.0 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules.

Course syllabus:

  1. Introduction to Snort Rule Development

  2. Snort Rule Syntax and Usage

  3. Traffic Flow Through Snort Rules

  4. Advanced Rule Options

  5. OpenAppID Detection

  6. Tuning Snort