Defending Black Hat: How Corelight leverages Zeek, Suricata, and AI at the BlackHat NOC

SPEAKERS
Ignacio Arnaldo

Director of Data Science, Corelight

Register for the recorded webinar

Explore how we leverage our pillar technologies—namely Zeek, Suricata, and AI—to monitor and respond to threats against the BlackHat conference.

The BlackHat NOC is a collaborative effort between some of the industry's best vendors and products, with Corelight focusing on Network Detection and Response.

After nearly two years on the global conference circuit, I am excited to share insights and lessons learned from this unique and complex network, including how we leverage LLMs to improve alert triage in offensive security trainings. We’ll conclude with a few anecdotes from our investigations, highlighting our approach to threat detection in this unique environment.

SPEAKER:

Ignacio Arnaldo

Director of Data Science, Corelight

I am a data scientist at Corelight, where I work with the creators and maintainers of Zeek on using machine learning and AI to solve network security challenges. My current focus is on building AI agents for detection engineering, connecting LLMs to real-world network data to accelerate the development and tuning of detections. I also get to experience the other side as an operator with the Corelight team at the BlackHat NOC, dogfooding our tools in live production environments. Before Corelight, I worked at PatternEx, an early-stage AI startup focused on threat detection. In another life, I was a researcher at CSAIL, MIT and received my PhD in computer science from Universidad Complutense in 2013.

Corelight provides security teams with network evidence so they can protect the world's most critical organizations and companies.