Each year, Suricon attracts visitors from all over the world for three days of knowledge sharing and discussion around Suricata. This year, Suricon’s home will be the Grand Hyatt Hotel in Athens, Greece. Following last year’s hybrid event in the midst of the Covid-19 pandemic, the Open Information Security Foundation (OISF) expects Suricon 2022 to have a great turnout.
Stamus Networks at Suricon 2022
We are excited to share that Stamus Networks will be joining both the conference itself and the pre-conference training sessions this November. We are looking forward to being back and to meeting friends and other Suricata enthusiasts during the three-day conference.
This year, Stamus Networks will be taking part in both of the pre-conference training sessions. Our team will be represented by our CSO - Peter Manev, our CTO - Eric Leblond, threat researcher and software engineer - Markus Kont, and myself. We have prepared demos of the Stamus Security Platform (SSP) and we cannot wait to share them with attendees at our booth in the Star City Grand Ballroom. We would love to meet you on any day of the conference and answer any questions you may have about SSP, network detection and response, and how we use Suricata.
Intrusion Analysis & Threat Hunting
On 7 November, Peter Manev and other OISF members will be partnering for a two-day training on Intrusion Analysis & Threat Hunting with Suricata. If you would like to explore all phases of adversary tactics and techniques, gain the knowledge and skills necessary to discover new threats in your network, and build an effective threat hunting program, register here:
Advanced Deployment & Configuration
If you’re more interested in maximizing the visibility that Suricata can provide into your network, then you might be interested in our other training - Advanced Deployment & Configuration with Suricata. It will begin on 7 November with Eric Leblond and Philippe Antoine sharing tips and tricks on tuning and optimizing Suricata for threat/anomaly detection, file extraction, and protocol detection. You can register for their training here:
Our Presentations at Suricon 2022
As we do every year, Stamus Networks strives to share as much knowledge as we can with our Suricata colleagues. For this year’s Suricon we have prepared three presentations covering various aspects of working with the open-source intrusion detection system (IDS).
Jupyter Notebooks for Suricata
We have the pleasure of being one of the first presenters at Suricon, with Markus Kont kicking things off at 11:45 AM on 9 November. He will be discussing the use of Jupyter Notebook with Suricata. Jupyter Notebook is an interactive data exploration tool that is widely used for threat hunting and incident response. If you would like to see a demonstration of how SSP uses Jupyter Notebook for rule exploration and R&D prototyping for threat hunting and analytics, get your Suricon ticket here and join Markus on 9 November.
Suricata Datasets: Powerful IoC Checking and Anomaly Detection
After lunch, at 1:45 PM, our Chief Technology Officer and Co-Founder Eric Leblond will be diving deep into Suricata Datasets and their use as the foundation for network-based anomaly detection. Suricata Datasets can be used to create lists that inform the construction of machine-learning-based anomaly detection. Eric will be demonstrating how this is done and how Suricata users can incorporate MISP threat intelligence sharing into their deployments. Join him on 9 November.
In Hot Pursuit: Hunting with Metadata for Recently Disclosed CVEs
Our last presentation at this year’s Suricon will be from our Chief Strategy Officer, Co-Founder, and Suricata developer - Peter Manev. In this presentation, Peter will talk about leveraging the power of Suricata to hunt for attempts to exploit recently disclosed CVEs and share tips on writing rules or protocol data queries for capturing data about exploit attempts. He seeks to answer the question: what can developers and rule writers do to make this easier for users? Join him on 10 November at 10:15 AM and learn how to upgrade your CVE hunting experience.