[Oisf-users] 2nd Annual Suricata User Conference - Registration & Call for Speakers
Chris Montgomery
chris at archer.neomailbox.ch
Fri Jun 3 14:35:20 UTC 2016
Leonard,
I would like to hear more about the coursework you have developed. I think this sort of material would be a very valuable addition to the Suricata training program, and could help draw more users to the project/community beyond those that have been traditionally drawn to it.
-Chris Montgomery
> On May 27, 2016, at 3:12 PM, Leonard <ljacobs at netsecuris.com> wrote:
>
> This is Leonard Jacobs. I claim the NSM topic on the twist of how to be the best cyber security analyst you can be. It is on the spin of the Cyber Security Analysis coursework I have already developed, i.e., how to use Suricata to be the best cyber security analyst you can be.
>
> Thanks
>
> Sent from my iPhone
>
>> On May 27, 2016, at 12:00 PM, Victor Julien <lists at inliniac.net> wrote:
>>
>>> On 27-05-16 18:47, David Wharton wrote:
>>> I know some of you are thinking about ideas for SuriCon presentations so
>>> I thought I'd throw out some ideas off the top of my head of things I'd
>>> be interested in hearing about. I'm not planning on using any of these
>>> so feel free to take whatever you want. There is overlap in these ideas
>>> but hopefully they will at least inspire someone.
>>>
>>> *1) Robust and accurate large scale testing of rule performance on Suricata*
>>> - latency
>>> - throughput
>>> - engine stats
>>> - ruleset stats
>>> - statistical analysis
>>> - data (pcaps) used
>>> - tools used
>>>
>>> *2) 10G and beyond: setting up and tweaking Suricata for high bandwidth
>>> links*
>>> - hardware requirements, including different price bands (e.g. if I
>>> had $5K I'd do this, if I had $15K then this, etc.)
>>> - commodity vs specialized or custom hardware/software
>>> - OS / OS tweaks
>>> - suri tweaks
>>> - running inline without impacting the network
>>> - challenges / failures
>>> - ideally based on real-world experience
>>>
>>> *3) Suricata Documentation: More important than you think*
>>> - past, present, and future of Suri documentation
>>> - the importance of documentation + vision
>>> - how to contribute
>>> - where you can contribute (areas lacking in documentation)
>>>
>>> *4) Leveraging Lua scripting to turn Suricata into a Ninja*
>>> - setup/config
>>> - what you can/can't do
>>> - practical examples/war stories
>>>
>>> *5) Don't tell my spouse I'm in love with JSON*
>>> - Suricata loves to output JSON
>>> - how to manage, use, and leverage this normalized data to get the
>>> most out of what Suricata is giving.
>>> - integrating with big data solution (or medium data solution) ;)
>>> - examples/tools
>>
>> I nominate Jason for this one ;)
>>
>>
>>> *6) nftables changed my life and it can change yours too*
>>> - what it means for Suricata
>>>
>>> *7) Zero 9's: how to achieve 100% uptime*
>>> - live ruleset reloads
>>> - how to safely be inline all the time
>>>
>>> *8) Running Suricata Inline*
>>> - hardware
>>> - fail open/closed
>>> - configuration, tweaks
>>> - challenges, pitfalls
>>>
>>> *9) She's all that: Suricata as a Network Security Monitor*
>>> - Suricata is touted as an IDS/IPS but it also has powerful NSM
>>> capabilities
>>> - How to configure and leverage the sundry and often underutilized
>>> NSM features
>>> - big data integration and use
>>> - Tool for compliance? (only if you run out of things to talk about
>>> because compliance gets boring fast)
>>>
>>> *10) Suricata vs. Latest Threats and Challenges*
>>> - exploit kits
>>> - ransomware
>>> - malicious email attachments
>>> - encrypted C2 channels
>>
>> Great list David, thanks a lot.
>>
>> --
>> ---------------------------------------------
>> Victor Julien
>> http://www.inliniac.net/
>> PGP: http://www.inliniac.net/victorjulien.asc
>> ---------------------------------------------
>>
>> _______________________________________________
>> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
>> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
>> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
>> Suricata User Conference November 9-11 in Washington, DC: http://oisfevents.net
>
>