Close.

Register for a workshop

Thank you! Our team will get back to you within 2 business days to confirm a workshop date and fine-tune any other details.
We kindly request a business email address. Please note that temporary or free email addresses are not accepted. Should you require assistance or wish to discuss this matter further, please contact us at partners@ellio.tech. Thank you for your cooperation.
Threat Intelligence on mass scans and exploits. Hunt, respond, eliminate it faster and targeted with ELLIO Threat Platform.

Hands-on workshops and trainings

Advance your skills and knowledge with ELLIO experts.

Threat Intelligence on mass scans and exploits. Hunt, respond, eliminate it faster and targeted with ELLIO Threat Platform.

Join our upcoming hands-on workshops to advance your skills in network protection and threat hunting. Gain the latest insights into the behavior driving network recon and mass scanning, their role in modern cyberattacks, and how to build an effective, real-world defense against them. Learn practical techniques to reduce risk and losses from early-stage recon and mass exploitation.

Network reconnaissance - whether for research, business, or crime - always leaves a mark. The successful scans turn into real attacks. The rest? They flood systems with constant grey noise, draining time, attention, and resources. With so much low-priority traffic, real threats are hard to spot. Understanding this powerful force behind today’s cyberattacks, and a main driver of alert fatigue and false positives, is essential for building effective defenses in the age of mass scanning.

Upcoming hands-on workshops.

Interactive Fingerprinting Walkthrough

June 3, 2025
2 PM - 5 PM CEST
Prague (as a part of The Honeynet Project Annual Workshop / Paid registration)

Designed for anyone ready to dive into modern network fingerprinting and learn how to turn raw data into actionable defenses. We’ll cover JA3, JA3N, JA4, p0f, and MuonFP. TCP/IP fingerprinting techniques. The session is packed with live demos and interactive labs, so you'll leave with practical skills you can immediately apply in your own defensive workflows.

Register here

Ultimate IP Blocking for the mass scanning age

June 26, 2025
11AM - 13 PM PDT
1PM - 3PM CDT
2PM - 4PM PDT
8PM - 10PM CEST

Learn practical techniques to strengthen your perimeter and enhance firewall defenses against illegitimate traffic, emerging threats, and zero-day attacks, especially in the critical window before patches are available. Discover how to smartly mask your network from mass scanning and apply dynamic, behavior-driven IP blocking powered by CTI, fingerprints, and automation.

Register

Tactical Threat Hunting in the mass scanning age

July 12, 2025
11AM - 13 PM PDT
1PM - 3PM CDT
2PM - 4PM PDT
8PM - 10PM CEST

Gain hands-on experience in detecting and disrupting threats hidden behind mass scanning and recon traffic. This workshop focuses on practical threat hunting techniques tailored to today’s high-volume, low-signal environments. Learn how to identify early-stage threat patterns, decode behavioral indicators, and correlate fingerprinting analysis to uncover stealthy adversaries. Gain skills to hunt smarter, reduce alert fatigue, and respond faster to real threats.

Register

Agenda

Why Network Recon Matters
The role of reconnaissance in cyberattacks
Common scanning tools and patterns
Recon
Scanning
Foundations of Network Fingerprinting
p0f and early techniques
Core principles of TCP/IP fingerprinting and L7 fingerprinting
p0f
JA3
TCP/IP
L3
L4
L7
Modern Methods: MuonFP
Identification of benign traffic and scanning activity
Strengths, limitations, and practical use cases
MuonFP
Hands-On with BPF Filters
Creating custom filters to flag or drop unwanted connections
Live demos and best practices
BPF
p0f BPF compiler
TLP: Red
Masking Edge Infrastructure
Techniques to reduce visibility to public scanners
Practical steps for immediate impact
Fingerprint-based blocking
IP-based blocking
Workflow Integration
Fitting fingerprinting into SOC processes
How to stay ahead of opportunistic and targeted attacks
Fingerprint Gathering
Data Enrichment
Automation
Q&A and Open Discussion
Tailored questions based on attendees’ environments
Q&A

Previous workshops.

In-person workshop
during RSA 2025

May 1, 2025
9 AM - 12 PM
San Francisco

Thank you for coming!