Updated! Practical Signature Development Training for Suricata @ SuriCon 2018

Monday, November 12, 2018 at 9:00 AM - Tuesday, November 13, 2018 at 5:00 PM (PST)

Ticket Information

Ticket Type: Regular Admission
Sales End: Nov 11, 2018
Price: $2,000.00
Fee: $0.00

This ticket will include the 2-day training event and direct access to the Suricata developers for 1:1 questions and troubleshooting.

Event Details

Suricata is a high-performance Network IDS, IPS and Network Security Monitoring engine sought after around the world. Open-source and managed by a community, Suricata is part of the non-profit Open Information Security Foundation (OISF). OISF’s mission is to remain on the leading edge of open source IDS/IPS development by welcoming in open source technologies looking for a community to support them.

This 2-day signature development training led by Suricata's lead developers is being held the same week as SuriCon 2018 - join us for both and receive a 20% discount on this training! 

To receive your discount:

  1. Register for SuriCon by visiting
  2. Email us at and let us know you are coming to SuriCon
  3. We will give you a one-time-only link to register for this training with the 20% discount.

Who should come?

Attend this training if your goal is to learn expert methods and techniques for writing network signatures that efficiently detect the greatest threats facing organizations today. Attendees will gain invaluable knowledge of the configuration, usage, architecture, traffic analysis fundamentals, signature writing, and testing of Suricata IDS. Attendees will be given handouts to help them develop and read IDS signatures. Lab exercises will train attendees to analyze hostile network traffic and turn it into agile IDS rules for detecting threats, including but not limited to: Exploit Kits, Ransomware, Phishing Attacks, Malicious Documents, Crimeware Backdoors, Targeted Threats, and more. Attendees will leave the class armed with the knowledge of how to write quality IDS signatures for their environment, enhancing their organization’s ability to detect and respond to threats. The class has been updated for the latest Suricata 4.0 IDS features while still retaining backward-compatibility with older Suricata versions. The class is very hands-on, with a robust workbook featuring exercise walkthroughs and explanations and a physical copy of the material presented. The class exercises feature paths both for those who are brand new to writing IDS signatures and for signature experts who dream in pcre.

A sample of the topics that will be covered:

  • Network and Malware Analysis Fundamentals

  • IDS Engine and Rule Writing Fundamentals

  • Writing Signatures for DNS, HTTP, SSL/TOR

  • Advanced Rule Features

  • Detecting Phishing Communications, Ransomware Communications, Malicious Documents, Exploit Kit activity, Targeted Threats

Who should attend:


  • Security Administrators
  • Enterprise Defenders
  • Incident Responders
  • Security Operations Specialists
  • Security Analysts
  • Malware Analysts
  • Network Engineers

  • Being able to import and run a VM (1CPU /1-2GB RAM) on your laptop
  • Basic Understanding of IDS/IPS/NSM

This is a hands-on course. Good knowledge of the following is required:
  • Networking, TCP/IP
  • Linux command line

We hope to see you there!  

Net proceeds from this and all OISF's training events go directly to funding Suricata's development and OISF's mission to support open source security technologies.  For questions about this event or about becoming a member of the OISF community please contact us at


When & Where

Pan Pacific Hotel Vancouver

Vancouver, BC V6C 3B5

Monday, November 12, 2018 at 9:00 AM - Tuesday, November 13, 2018 at 5:00 PM (PST)


The Open Information Security Foundation (OISF) is a team of multi-national software developers and security experts committed to open source security technologies and identifying groundbreaking trends in information security and network monitoring. OISF, a 501(c)3 non-profit organization, owns and supports Suricata. To learn more about the community or becoming a consortium member contact us at  
