Recent advances in Suricata IDS/IPS

Speaker(s) : Eric LEBLOND

  • Language : French
  • Level : Confirmed
  • Nature : Conference
  • Date : Monday 9 July 2012
  • Schedule : 14h00
  • Duration : 40 minutes
  • Place : Uni Mail R280
Target audience : Professionals, Geeks

Abstract

The development of Suricata IDS/IPS has been fast-paced over the last year. Major new features such as file extraction and TLS handshake analysis have been introduced since the core was finished in 2010. This talk will present Suricata and its ecosystem, including associated software. It will describe the new key features in detail and present the challenges faced by Suricata. One of them is alerting, which is made more complex by Suricata's deep understanding of some protocols.

Speaker

Eric Leblond is a Free Software and Security hacker. He started, as lead developer, the NuFW project, whose objective was to establish a safer and stricter way to do identity-based filtering on network firewalls.

He is also a long-term contributor to the Netfilter project, where he has worked on kernel and userspace interaction. He is one of the main developers of ulogd2, Netfilter's userspace logging daemon. He started working on the Suricata IDS/IPS in 2009 and is currently working for the OISF as a developer. He is also a consultant in free software and network security.

Attached documents

Slides conf (PDF - 1.7 Mb)