At next week's Suricon 2021, I'll be sharing real world examples of how a new Splunk App can help you get more out of your Suricata installation to gain more insights into your network activity and improve the security posture of your organization.
SuriCon is the annual open source technology community conference that highlights discussions and developments related to Suricata, the powerful intrusion detection and prevention and network security monitoring (IDS/IPS/NSM) engine. As Suricata is at the heart of our company, we are excited that Stamus Networks will be part of this year’s event - both on-site in Boston and virtually.
The Stamus Networks App for Splunk allows Splunk Enterprise users to extract information and insights from Suricata sensors. The app is open source, free, and currently available for download on Splunkbase.
Thanks to the EVE JSON event and alert format that are native to Suricata, it is straightforward to import Suricata-generated data into a running Splunk instance. In this talk, I will demonstrate the capabilities of Suricata in the Splunk App, supported by real-world examples from my experience of working with it.
We will dive deep into the potential of combining Suricata data with Splunk search and analysis capabilities with a live demonstration of how to gain more insights into your network activity and how to more accurately assess the current security posture of your organization.
Join us virtually at Suricon 2021 on 21 October at 1:45 PM (EST). And if you are planning to attend the event in person, be sure to visit the Stamus table and say "hi" to one of our executives. If you are considering coming to the OISF training “Advanced Deployment and Configuration with Suricata”, the organizers are giving a 20% discount off the training to those who register for both. Learn more here >>.
We hope to see you there