Talk
Intermediate

Suricata: The new age Network Security Monitoring tool and more

Review Pending

What started out in 2007 as a small personal project of a guy who did not really expect much traction has turned out to be one of the most successful open source projects of today, used by thousands of organizations and individuals around the world! Suricata, a powerful IDS, IPS and NSM tool that is fast, efficient, reliable and community driven, is not only a standard in the market but also the base for several popular network security tools (software and hardware).

This talk shall cover the following topics.


What is Suricata

A brief introduction to the history of Suricata: how it started out as just an IPS and has now evolved into a huge project capable of so much more. Licensed under the GNU GPLv2, Suricata welcomes open collaboration and is safeguarded from being absorbed by large corporations.

Introduction to the Open Information Security Foundation

OISF has played a crucial role in Suricata becoming one of the most popular and successful open source projects around the world. Suricata is one of the few projects that have a sustainable way to develop and commit to growth, and it is all thanks to the OISF. This part takes a brief look at how the organization came to be, how it has helped and what this sustainable model is.

Where does Suricata fit in your network

Suricata has multiple modes, features and ways of working. Where you put Suricata in your network largely depends on your use case. This part showcases the popular ways Suricata is used and introduces the other available modes.

Major features of Suricata

This section shall shed light on the practical features of Suricata that make it so popular. Some lesser-known features, beyond those expected of an IDS or IPS, will be introduced.

How to manage Suricata rules

Rules are an important part of Suricata when it is used as an IDS or an IPS. This part gives an introduction to Suricata rules and how they can be managed.

Mistakes to avoid in your deployment

There are a thousand different ways for things to go wrong in a deployment, but more often than not it’s the very basic and common constructs that are configured or set up incorrectly, leading to mind-boggling issues. A few such common mistakes shall be shown, so you’ll already know how to avoid them ;)

How to contribute

However successful, Suricata is after all an open source project that needs help in all forms. Suricata takes a lot of pride in being community driven. 🌟 In this part, along with some closing notes, a few ways a user/developer/researcher/integrator can contribute to Suricata shall be presented.

  • What is Suricata and how to use it

  • How does an organization keep an open source project safe and sustainable

  • How to make contributions to an open source project as per the value you can create

Introducing a FOSS project or a new version of a popular project
Technology / FOSS licenses, policy
Story of a FOSS project - from inception to growth
Which track are you applying for?
Main track

Approvability: 100 %
Approvals: 1
Rejections: 0
Not Sure: 0

Network security is an important area that needs open source solutions, both for innovation and development. Being an open-source solution with access to source code, it should be a part of conferences like IndiaFOSS.

Reviewer #1
Approved