SuriCon2024 Advanced Deployment & Configuration [PRE-CONFERENCE TRAINING]

Delivered by Suricata developers, this 2-day advanced user training is held the same week as SuriCon2024 - join us for both and receive a 20% discount on this training!

Suricata has been and is a fundamental part of any security monitoring stack by way of providing network visibility, detection and security policies audit since 2009, widely used by many big and small organizations alike around the world both on prem and in the cloud.

Network-based threat detection is crucial for developing a comprehensive security strategy, whether it is on-premise or in the cloud. In this 2-day training, you will learn how to maximize the visibility that Suricata can provide into your network. You will gain deep technical understanding and hands-on experience with Suricata’s versatile arsenal of features and capabilities for a variety of deployment, usage, and integration scenarios. Tuning and optimizing Suricata for threat/anomaly detection, file extraction, and/or protocol detection are critical for a successful deployment. You will also learn tips, tricks, and techniques to implement Suricata and its newest features based on real-world deployment experiences, to include cloud-based deployments.

This training also offers a unique opportunity to bring in-depth use cases, questions, and challenges directly to the Suricata development team. By the end of this course, you will be able to successfully design, deploy, implement, optimize and hunt with your high-performance Suricata deployment.

How to receive your discount:

1. Purchase your ticket for SuriCon2024 by visiting https://suricon2024-madrid.eventbrite.com.
2. Email us at SuriCon@oisf.net and let us know your intention to attend both events.
3. We'll provide a single-use discount link to register for the training.

MORE INFORMATION:

Pre-requisites: This is an intermediate to advanced level course. Students should have the following knowledge to get the most out of this training:

• Being able to import and run a VM (minimum 2CPU / 5GB RAM) on your laptop
• Basic experience with installing, compiling, configuring and running Suricata is a must
• Hands on Linux command line
• TCP/IP networking

A sample of the topics that will be covered:

• Advantages of Suricata 7 newest features
• Advanced performance factors and tuning techniques
• Capture methods and run modes
• Detection engine and multi-pattern matchers
• Rules, rulesets and rule syntax and optimization
• Extending rules and outputs with Lua scripting
• Automatic protocol detection and anomaly detection
• File extraction must knows: HTTP(2), SMTP, NFS, FTP/SMBv1-3
• PCAP - full vs conditional pcap capture
• Tuning principles
• Performance impact factors

• Enterprise Architecture
• IDS / IPS / IDPS / NSM deployment and setup
• Server HW / NIC / CPU architecture and selection process
• Virtual deployment considerations/tips and tricks
• Positive and negative packet loss
• Capture considerations
• Numa, CPU affinity, threading and NIC RSS hashing
• Flows and elephant flows
• eXpress Data Path (XDP)
• AF_XDP
• DPDK
• Troubleshooting system overloads
• Managing outputs
• Integration with other Security Tools and Data Stores

Refund Policy for SuriCon2024 (Trainings and Conference)

We value your commitment to SuriCon. However, we understand that plans can change, and we aim to be as accommodating as possible within our operational constraints. Please see our refund and credit policy below.

• Refunds: Refunds are not available except in specific circumstances. We will issue refunds only if we need to cancel a training due to low enrollment or events beyond our control, such as catastrophic world events (e.g., natural disasters, global health emergencies).
• Cancellations by Participants: If you need to cancel your ticket, please notify us at least by November 1, 2024. While refunds are not available for cancellations, we are pleased to offer a credit towards a ticket for SuriCon2025 conference or training (which ever is applicable). This advance notice helps to ensure OISF does not incur unnecessary expenditures.
• Credit Details: Credits for future training are subject to availability and will cover the full cost of your original ticket and can be transferred to another individual if you are unable to attend.
• Exceptions: In cases of personal emergency or health issues, please contact us to discuss potential accommodations, which may include exceptions to our standard policy.

Please note, all net proceeds from SuriCon2024 and all related training events directly fund the development of Suricata and support OISF's mission.

Contact: For queries, feel free to reach out at suricon@oisf.net or visit https://suricon.net.