Suricata is a high-performance Network IDS, IPS and Network Security Monitoring engine sought after around the world. Open-source and managed by a community, Suricata is a part of the non-profit foundation; the Open Information Security Foundation (OISF). OISF’s mission is to remain on the leading edge of open source IDS/IPS development by welcoming in open source technologies looking for a community to support them.
Suricata can show you things about your network you haven't seen before. More than just an IDS/IPS, Suricata can provide the visibility to solve incidents quickly and more accurately by enabling context before, during, and after an alert. In our 2-day training classes, we will teach the skills required by network security analysts and incident responders to protect and respond to threats in the network(s) day to day.
Our NEWEST Suricata training - Suricata Advanced Deployment and Architecture class offers a hands-on experience that will lead experienced Suricata users and developers from the efficient and fast set-up of correct operations to successful threat hunting examples in massive traffic jams with Suricata. This class is perfect for those who want to take their skills and knowledge to a new level - including live and active examples of configurations and setup deployments in 40+Gbps Threat Hunting deployments. Security professionals will actively experience all that Suricata has to offer and walk away with greater proficiency in Suricata’s core technology. Time is built into the class, so attendees have the unique opportunity to bring questions, challenges, and new ideas directly to Suricata’s developers.
Advance Performance Factors
Advance Tuning Techniques
Rules, Rulesets, and Optimization
Event / Data Outputs
What do I do with 20+ mil events a day?
Troubleshooting Common Problems
Successful Threat Hunting techniques in heavy traffic jams
Lua scripting
Steganography Detection
Anomaly detection
File Extraction
Automatic Protocol detection
Pcap processing
Enterprise Architecture
IDS / IPS / IDPS / NSM deployment and set up
Server HW / NIC/ CPU architecture and selection process
Virtual deployment considerations/tips and tricks
Capture Methods and Specifics
Capture Hardware
Integration with Other applications
Prerequisites for the class:
Being able to import and run a VM (2CPU / 6GB RAM) on your laptop
Basic understanding of IDS/IPS/NSM principles
Networking, TCP/IP
Linux command line
Infra Security and Application Operations | Network Security Administrators | Security Architects/Engineers | Security Analysts | Malware Analysts | Network Engineers
Net proceeds from this and all OISF's training events go directly to funding Suricata's development and OISF's mission to support open source security technologies. OISF is a 501c(3) U.S. non-profit. For questions about this event or about becoming a member of the OISF community please contact us at