Writing signatures for Suricata and other intrusion detection systems (IDS) is considered by many to be a form of art. One of the main reasons is that the rule writer needs to start by examining a network trace to identify patterns that are representative to a threat/behavior without being too broad (to avoid false positives) […]
Suricata is the world-renowned IDS / IPS and NSM engine. It is capable of generating a combined log stream from separate information elements, including network protocol events, alerts, PCAP files (full packet capture), and extracted files as it sniffs live network traffic or sits inline. Suricata produces over 25 different types of log data, including […]
In today’s environment of reduced budgets, loss of talent, and more breaches than ever before, how do you stop the adversary before they are able to compromise your environment? In this livestream we’ll be talking with OISF’s own Josh Stroschein, and discussing the capabilities of Suricata, an open-source threat detection engine. Join us to hear […]
Suricata has the ability to output alerts, anomalies, metadata, file info and protocol-specific records through JSON EVE output. In this webinar, we’ll explore how we can use Suricata event data for threat detection and prevention by enriching, processing and logging EVE JSON output to MongoDB in real-time. We will also analyze threat hunting reports with […]
Suricata is the world-renowned IDS / IPS and NSM engine. It is capable of generating a combined log stream from separate information elements, including network protocol events, alerts, PCAP files (full packet capture), and extracted files as it sniffs live network traffic or sits inline. Suricata produces over 25 different types of log data, including […]
SuriCon2023 will be from 16:30 - 18:30 CET each day.