Suricata Tutorial

January 2016 Presentation
Victor Julien, Eric Leblond

This presentation demonstrates the dynamic capabilities of Suricata, the world's leading IDS/IPS engine.

Publisher: CERT Division

Abstract

This presentation, given at FloCon in 2016, describes Suricata, the world's leading IDS/IPS engine, which provides the most versatile network security tool available today. Suricata is the "Swiss Army Knife" for network security monitoring. This training will demonstrate Suricata's dynamic capabilities, including:

  • Introduction to Suricata
  • Suricata as a passive DNS probe
  • Suricata as an SSL monitor
  • Suricata as a malware
  • Suricata as a flow probe


At the completion of this training, attendees will gain a greater understanding of Suricata's versatility and power.  They will also have the unique opportunity to discuss any questions directly with the core Suricata developers.