Recruiters want results! Show them your network threat-hunting project with Zeek, Suricata, Python, MMdb, and Ansible.
This course is part of the Practical Network Automation (PNA) series – focused on building real, portfolio-ready network automation labs.
What you’ll learn
- Use Ansible to automate and orchestrate a PCAP analysis pipeline..
- Use Zeek and Suricata for deep PCAP analysis and log generation..
- Use Python code and MMdb to enrich the pipeline’s functionality..
- Use Python to correlate all logs and alerts, and generate reports..
- Learn how to design and build an end-to-end analysis pipeline..
- Build a complete, 100% hands-on project to showcase to recruiters..
Course Content
- Section 1: Setting Everything Up –> 8 lectures • 32min.
- Section 2: Running Zeek, Suricata, Ansible –> 8 lectures • 48min.
- Section 3: Putting Everything Together –> 14 lectures • 1hr 14min.
- Section 4: Enriching the Analysis Pipeline –> 24 lectures • 1hr 40min.
- Section 5: Wrapping Things Up –> 2 lectures • 2min.
Requirements
This course is part of the Practical Network Automation (PNA) series – focused on building real, portfolio-ready network automation labs.
What’s this course all about?
Recruiters want results. Managers, too. They value builders and doers – not just theoreticians.
Show them your own hands-on threat-hunting lab for network traffic analysis, built around a fully automated pipeline using the following tools and technologies:
- Zeek – deep PCAP analysis and context-rich security logs
- Suricata – detection based on pre-defined rules and signatures
- Ansible – automation and orchestration of the analysis pipeline
- Python – for building custom scripts and enriching functionality
- MMdb – for adding IP geolocation and ASN-related information
- VS Code – used for organizing all of our project files and folders
- Ubuntu – base operating system for the traffic analysis pipeline
- VirtualBox – used for virtualization and isolation purposes
During this course, you’ll build a fully automated network traffic analysis pipeline that ingests PCAP files, runs in-depth analysis from multiple angles, generates actionable logs and alerts – as well as a Markdown report summary, and helps uncover unusual or malicious behavior in your network.
- We’re going to build the project together from the ground up, step-by-step
- You will install, execute, code, and also troubleshoot everything alongside me
By the end, you’ll have a threat-hunting lab that you can actually use in the real world for:
- Becoming a better Network Engineer or Security Analyst
- Showcasing a strong project to companies and recruiters
- Monitoring and securing your own home network traffic
This project is a perfect fit if you’re looking to showcase your skills as a:
- Network Engineer or Network Security Analyst
- Network Automation Engineer or QA Engineer
- Network Detection and Response Engineer
- SOC Analyst, SOC Engineer
- Threat Hunting Engineer
Important information before you enroll:
- 30-days money-back guarantee – no questions asked
- Unlimited, lifetime access to the course from any device
- All the future course and code updates are included
- Full instructor support for all course-related questions
- A Certificate of Completion upon finishing the course
Time is ticking – don’t waste it! Start building.
Enroll now, and I’ll see you in the first lecture.