Defending Black Hat: How Corelight leverages Zeek, Suricata, and AI at the BlackHat NOC

SPEAKERS

Ignacio Arnaldo

Director of Data Science, Corelight

Register for the recorded webinar

Explore how we leverage our pillar technologies—namely Zeek, Suricata, and AI—to monitor and respond to threats against the BlackHat conference.

The BlackHat NOC is a collaborative effort between some of the industry's best vendors and products, with Corelight focusing on Network Detection and Response.

After nearly two years on the global conference circuit, I am excited to share insights and lessons learned from this unique and complex network, including how we leverage LLMs to improve alert triage in offensive security trainings. We’ll conclude with a few anecdotes from our investigations, highlighting our approach to threat detection in this unique environment.

SPEAKER:

Ignacio Arnaldo

Director of Data Science, Corelight

I am lucky to work as a data scientist at Corelight with the creators and maintainers of Zeek, the open source network security monitoring tool. I'm also honored to be part of the BlackHat NOC, a collaborative effort with the industry's top talent and products. My focus is to use machine learning to solve network security challenges (and there are quite a few!). I am interested in building systems that can put machine learning to use, threat detection and pentesting. Before Corelight, I worked at PatternEx, an early stage AI startup focused on threat detection. In another life, I was a researcher at CSAIL, MIT and received my PhD in computer science from Universidad Complutense in 2013.