Botconf Author Listing

Eric Leblond

Last known affiliation: Stamus Networks
Bio: Eric Leblond is an active member of the security and open source communities. He has worked on the development of Suricata, the open source IDS/IPS, since 2009, and he is currently one of the Suricata core developers and a board member of OISF, the foundation behind Suricata. He is also one of the founders of Stamus Networks, a company providing security solutions based on Suricata.
Date: 2023-04-13
Date: 2022-04-29
Eric Leblond 🗣

Abstract

Suricata is a well-known open source network threat detection engine. As such, it combines network security monitoring capabilities with advanced intrusion detection mechanisms. Dataset is one of the features that sits at the border of these two worlds. This presentation will introduce the feature and its advanced matching capabilities, and it will explain how it can be used to perform real-time checks of various IOCs (IPs, user agents, file hashes) and to build sightings databases to alert on newly observed communication artifacts in the defended network.
