[Oisf-users] Suricata Training sessions?

Matt Jonkman jonkman at jonkmans.com
Wed Jul 9 11:58:45 UTC 2014

Good question Duane, and timely. Thanks!

We've just finished up building a Suricata training curriculum and are
preparing to get some dates set up. We've just started working with some of
our consortium member organizations to set up sessions for their folks

The class is at least 2 days, but can expand based on class size and any
special subjects to cover more deeply. Lots of hands-on and real world
stuff, covering the engine, performance tuning, different capture methods,
output modes and managers, when and how to use accelerated hardware, rule
writing, open working time, and much more. Everyone gets their own live
baby meerkat to take home to the kids as a pet. (We're still looking into
the details of getting enough meerkats per class, so don't hold us to that
just yet :) )

We need some recommendations on dates and locations, and even folks who
might be able to help secure appropriate rooms. Hotel conference rooms are
an option of course, but this kind of thing is often more effective when we
can get a room with higher end AV and technical resources.

So I think this is a good time to open the floor for some ideas as to when
and where. Please let us know what would be convenient for you or your
organization, and where you think we might be able to draw enough other
students to get a good class.

Our internal goal is to get at least one open class scheduled per quarter
going forward, and spread around the US coasts and around the EU to start,
as well as other sessions set up around conferences where we can fill a

Longer term we really want to get enough of all of us in the community
through the class to get more trainers out there to do sessions on their
own. The OISF will help coordinate and announce. More Suri geeks means more
ideas flowing back into the dev team and a stronger suricata for us all! if
you're interested in becoming a trainer please ping me off-list. The
foundation has limited resources, and we'd like to keep the core coding
team coding as much as possible.

If you have thoughts on where we can find a good location, and an effective
date to shoot for, please let us know on or off list.

We're far overdue to get these off the ground, so we'd like to move fast!

Any ideas or recommendations welcome!


On Tue, Jul 8, 2014 at 11:48 AM, Duane Howard <duane.security at gmail.com>

> Hey folks,
> I'm considering looking into some training on either Snort or Suricata.
> Sourcefire seems to provide some Snort internals + rule writing sessions,
> and I see references for some release candidate training in the past for
> Suricata, but I can't seem to find any details on what might be currently
> available. Can someone enlighten me as to the status of Suricata training
> sessions available?
> ./d
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/


Matt Jonkman
Emerging Threats Pro
Open Information Security Foundation (OISF)
Phone 866-504-2523 x110
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20140709/17ac7e73/attachment-0002.html>

More information about the Oisf-users mailing list