[Oisf-users] 2nd Annual Suricata User Conference - Registration & Call for Speakers
Victor Julien
lists at inliniac.net
Fri May 27 17:00:52 UTC 2016
On 27-05-16 18:47, David Wharton wrote:
> I know some of you are thinking about ideas for SuriCon presentations so
> I thought I'd throw out some ideas off the top of my head of things I'd
> be interested in hearing about. I'm not planning on using any of these
> so feel free to take whatever you want. There is overlap in these ideas
> but hopefully they will at least inspire someone.
>
> *1) Robust and accurate large scale testing of rule performance on Suricata*
> - latency
> - throughput
> - engine stats
> - ruleset stats
> - statistical analysis
> - data (pcaps) used
> - tools used
>
> *2) 10G and beyond: setting up and tweaking Suricata for high bandwidth
> links*
> - hardware requirements, including different price bands (e.g. if I
> had $5K I'd do this, if I had $15K then this, etc.)
> - commodity vs specialized or custom hardware/software
> - OS / OS tweaks
> - suri tweaks
> - running inline without impacting the network
> - challenges / failures
> - ideally based on real-world experience
>
> *3) Suricata Documentation: More important than you think*
> - past, present, and future of Suri documentation
> - the importance of documentation + vision
> - how to contribute
> - where you can contribute (areas lacking in documentation)
>
> *4) Leveraging Lua scripting to turn Suricata into a Ninja*
> - setup/config
> - what you can/can't do
> - practical examples/war stories
>
> *5) Don't tell my spouse I'm in love with JSON*
> - Suricata loves to output JSON
> - how to manage, use, and leverage this normalized data to get the
> most out of what Suricata is giving.
> - integrating with a big data solution (or medium data solution) ;)
> - examples/tools
I nominate Jason for this one ;)
> *6) nftables changed my life and it can change yours too*
> - what it means for Suricata
>
> *7) Zero 9's: how to achieve 100% uptime*
> - live ruleset reloads
> - how to safely be inline all the time
>
> *8) Running Suricata Inline*
> - hardware
> - fail open/closed
> - configuration, tweaks
> - challenges, pitfalls
>
> *9) She's all that: Suricata as a Network Security Monitor*
> - Suricata is touted as an IDS/IPS but it also has powerful NSM
> capabilities
> - How to configure and leverage the sundry and often underutilized
> NSM features
> - big data integration and use
> - Tool for compliance? (only if you run out of things to talk about
> because compliance gets boring fast)
>
> *10) Suricata vs. Latest Threats and Challenges*
> - exploit kits
> - ransomware
> - malicious email attachments
> - encrypted C2 channels
>
Great list David, thanks a lot.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------