DeepSec 2014 Workshop: Suricata Intrusion Detection/Prevention Training
Getting to know what’s going on is a primary goal of information security. There is even a name for it: intrusion detection. And there are tools to do this. That’s the easy part. Once you have decided you want intrusion detection or intrusion prevention, the implementation part becomes a lot more difficult. Well, if you need help with this issue, there is a two-day workshop for you at DeepSec 2014 – the Suricata Training Event.
Suricata is a high performance Network Intrusion Detection System (IDS), Intrusion Prevention System (IPS) and Network Security Monitoring engine. It can serve pretty much all your needs. It’s Open Source (so it cannot be bought and removed from the market) and owned by a very active community. Suricata is managed by the non-profit foundation; the Open Information Security Foundation (OISF). OISF’s mission is to remain on the leading edge of open source IDS/IPS development to meet the ongoing needs of the community.
The two-day training event is held by core developers of Suricata. This means you get all the information on how intrusion detection works, how the rules can be created and adapted to your needs straight from the experts. Attending the workshop will give you not only a greater proficiency in Suricata’s core technology but will also have the unique opportunity to bring questions, challenges, and new ideas directly to Suricata’s developers. You will get the theory plus hands-on exercises with live packets and detection signatures. A sample of topics that will be covered over the course of the 2-day training include:
- Compiling, installing, and configuring Suricata
- Performance factors, rules and rule sets
- Capture methods and performance
- Event / data outputs and capture hardware
- Troubleshooting common problems
- Advanced tuning
- Integration with other tools
If you own or use a network, then you should definitely be interested in IDS/IPS – get the packets before the packets get you! The workshop is tailored for developers, technologists, and security professionals. Even if you are new to Suricata or IDS in general, the training is a perfect starting point to get familiar with the topic. Make sure to book early, the number of tickets for all workshops is limited!