You’ll also develop useful foundational scripts you can use to guide your detection and analysis.
This includes scripts for detecting large HTTP flows, extracting files based on MIME type, determining the ratios of HTTP methods, firing events based on connection thresholds, and filtering by protocol.
Each lesson consists of lectures that give an overview of critical concepts, instructor-led demonstrations that walk through Bro examples, and lab exercises where you practice the concepts you’ve learned.
There is also a discussion forum where you can ask questions and share tips and tricks with other students and your instructor.
This is a scripting course and assumes some level of programming knowledge. You should have experience with another scripting language (Perl, Python, etc.) and a basic understanding of programming concepts.