Suricata development training

We’re considering to offer a Suricata development training day around the next OISF brainstorm meeting. That would be in Amsterdam around the RAID conference, in early September.

Topics we could cover:

- code/development overview
- create/extend detect module
- create/extend output module
- app layer module
- proto detection
- …

The training would probably be free as it’s an excercise for us as well, so we’d just want honest feedback in return :)

Nothing is set in stone at this point, but I wanted to throw the idea around already. If you’re interested in joining this session, please let us know! If there is enough interest we may just make this happen!

4 thoughts on “Suricata development training

  1. I don’t have one yet, so nothing to share at this point. In a previous training we developed a detection module for matching on SMTP RCPT TO and MAIL FROM and created a smtp log. We could do something similar here.

  2. It would be great if somehow, you could provide a way to access training after Amsterdam event for those who like Suricata development training but can’t be in RAID.
    Thanks in Advance

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s