Advanced Network Defense

The Anti-Recon Workshop

February 2025 (various dates)

Online/In-person at select locations across multiple U.S. cities

Workshop topic

Advanced defense techniques to stop reconnaissance and mass exploitation in their tracks.

Join the hands-on expert workshop to dive into network reconnaissance, still the first step in many cyberattacks. Learn new fingerprinting techniques like JA4, JA4+, and MuonFP, build eBPF filters to block unwanted connections, or discover methods to mask your edge infrastructure from automated scans.

You'll use the expertise gained in the workshop on a daily basis to:

  • Efficiently strengthen network defense.
  • Detect anomalies in network behavior early.
  • Enhance precision in threat response.
  • Mitigate the risk of attacks that start as reconnaissance.

Register Your Interest

Based outside the US and interested in the workshop? Let us know at info@ellio.tech.

Why it matters

Network recon still plays a key role as the first step in the kill chain. Detect it, understand it, and use it for your own defense.

Knowing how to detect and deter network reconnaissance (the first step in a wide range of cyberattacks) is a crucial part of an efficient defense that responds to today's threat landscape.

In this hands-on workshop, you'll learn how adversaries map targets for mass exploitation, the foundations of network fingerprinting, and modern methods like JA4, JA4+, and MuonFP - including what these techniques can and cannot do. We'll dive into building eBPF filters to drop or flag unwanted connections, and explore how to mask your edge infrastructure from automated scans. We'll also discuss how to integrate fingerprinting into your workflows so you can stay one step ahead of both opportunistic and targeted attacks.

Whether you're an intermediate analyst seeking to understand the fingerprinting landscape or an advanced defender ready to build sophisticated filters, this workshop will give you the tools and insights you need.

Boost your defense capabilities and gain a competitive edge in the industry.

What You'll Walk Away With

Fingerprinting Foundation

You will know how network fingerprinting enables you to identify and mitigate attacker behaviors and scanning patterns.

Fingerprinting

Reduced Exposure

You will acquire actionable methods to smartly detect, deter, and reduce exposure to mass exploitation attempts.

Fingerprint Based Blocking

Quick Detection

You will know how to use fingerprinting data to quickly spot suspicious activities, uncover new attack vectors, and stay ahead of adversaries.

Automation

Proactive Filtering

You will know how to build custom filters to proactively drop or flag unwanted connections, fortifying your defense against malicious traffic.

eBPF

Workshop Guide

Meet Vlad Iliushin

The workshop will be led by Vlad, an expert in mass exploitation, network reconnaissance, and cyber deception.

Vlad is a co-founder of ELLIO and President of the Anti-Malware Testing Standards Organization (AMTSO). A true cybersecurity enthusiast, he is passionate about network security, IoT, and cyber deception. Before ELLIO, he founded and led the Avast IoT Lab (now Gen Digital), developing security features and researching IoT threats. He has spoken at many conferences, including Security Analyst Summit, Web Summit, and South by Southwest (SXSW), where he demonstrated IoT vulnerabilities alongside World Chess Champion Garry Kasparov.

Workshop Flow

Agenda

Why Network Recon Matters

  • The role of reconnaissance in cyberattacks
  • Common scanning tools and patterns
  • Tags: Recon, Scanning

Foundations of Network Fingerprinting

  • p0f and early techniques
  • Core principles of TCP/IP fingerprinting and L7 fingerprinting
  • Tags: p0f, JA3, HASSH, TCP/IP, L3, L4, L7

Modern Methods: JA4, JA4+, and MuonFP

  • Identification of benign traffic and scanning activity
  • Strengths, limitations, and practical use cases
  • Tags: JA4, JA4T, JA4+, MuonFP

Hands-On with eBPF Filters

  • Creating custom filters to flag or drop unwanted connections
  • Live demos and best practices
  • Tags: eBPF, eXpress Data Path, TLP: Red

Masking Edge Infrastructure

  • Techniques to reduce visibility to public scanners
  • Practical steps for immediate impact
  • Tags: DNS, Fingerprint-based blocking, IP-based blocking

Workflow Integration

  • Fitting fingerprinting into SOC processes
  • How to stay ahead of opportunistic and targeted attacks
  • Tags: Fingerprint Gathering, Data Enrichment, Automation

Q&A and Open Discussion

  • Tailored questions based on attendees' environments
  • Tags: Q&A

Big thanks to our ELLIO User Community!

Over 15,000 users worldwide trust ELLIO to keep them protected and informed.

Upgrade your actionable knowledge.
Recon Workshop coming to your town!