Threat Hunting with Suricata

Info

Start: 2019-03-24 09:00
End: 2019-03-24 13:00
Location: TÜV SÜD, Gebäude Newton, Ridlerstraße 57, 80339 München

Abstract

In “Threat Hunting with Suricata,” we will teach various methods and techniques that aid in detecting and hunting for the popular threats facing organizations today. The workshop focuses on efficient threat hunting techniques, including writing rules to detect threats, and discusses strategies for leveraging Suricata alerts in this context.

Attendees will gain invaluable insight into the techniques behind building a long-lasting, efficient hunting process and writing rules for the Suricata IDS.

Attendees will leave the class armed with the knowledge and ideas needed to put the Suricata IDS to use in their own environment, enhancing their organization’s ability to detect and respond to threats.

Course outline:

Lab exercises will train attendees on how to analyze and interpret hostile network traffic, including but not limited to: Exploit Kits, Ransomware, Phishing Attacks, Crimeware, Backdoors, Targeted Threats, Anomaly identification and more.

Andreas Herz

@shad0whunter

Andreas Herz is a software developer with a focus on open source and security-related projects. He has been working in the open source community for over ten years and specializes in Linux networking and multi-threading. Andreas resides in Germany.

Peter Manev

@pevma

Peter Manev has 15 years of experience in the IT industry, including enterprise-level IT security practice. Peter is the Suricata IDS/IPS/NSM QA lead and an OISF core team member. As an adamant admirer and explorer of innovative open source security software, he is also one of the creators of SELKS, an open source threat detection security distribution. He is also one of the founders of Stamus Networks, a company providing security solutions based on Suricata.