Highlights from SuriCon 2016

Second Annual SuriCon in Washington, DC —
3 Amazing Days with a Sold-out Crowd!

For the second year, developers, users, and business leaders from around the world joined us for SuriCon 2016 in Washington, DC. Thanks to our incredible speakers, our generous sponsors, and all the fantastic attendees, it was a great week of training, talks, networking, and community! Below are some highlights, a few photos, and the presentation decks from our amazing speakers.

Thank you! The OISF Team


  • This being our first SuriCon in the US, we didn’t know how many people to expect — but registration was sold out at 156 — with over 140 Suricata fans in attendance!
  • Over 65 organizations were represented — a great testament to Suricata’s global reach.
  • This year we expanded SuriCon to 2.5 days dedicated to talks, and it still wasn’t enough — the community requested extending SuriCon 2017 to 3 full days.
  • As a community, we mapped Suricata’s development roadmap for 2017.
  • 90% of the total cost of the conference was covered by our sponsors and Suricata training attendees — we couldn’t have done it without you!
  • “Best conference ever!” was a common theme we received from participants — many of whom are already planning on attending next year’s conference in Prague.


Presentation Materials:

Keynote Address
Ron Gula, Chairman of the Board, Tenable Network Security

Suricata Today
Victor Julien, OISF

Actively Monitoring Passive Sensors/Stop Unplugging My Taps!
Darren Spruell, RiskIQ & James Pleger, RiskIQ

Suricata Extreme Performance Tuning with Incredible Courage
Michal Purzynski, Mozilla & Peter Manev, OISF & Stamus Networks

Suricata and Security Onion: Making Adversaries Cry Since 2010
Doug Burks, Security Onion

Sharing Information and Providing Feedback Using MISP Sharing
Andras Iklody, CIRCL

Seth Walters, Georgia Tech Research Institute

Making Software Training Easier for Suricata and Nearly Everyone Else
Jon Schipp, Komand & Draconyx

Securing Security Tools
Pierre Chifflier, ANSSI — French National InfoSec Agency

Suricata in Industrial Control Systems
Gene Stevens, ProtectWise & Rich Welch, ProtectWise

The Suricata Rule Writing Guide for The Snort Expert
David Wharton, SecureWorks

Rule Writing Rock Star
Will Metcalf, Proofpoint

State of OISF
Kelley Misata, OISF

Keynote Address
Liam Randall, Capital One

Hyperscan in Suricata: State of the Union
Geoff Langdale, Intel

Reality-Based Suricata
Michal Purzynski, Mozilla

Implementing eBPF
Eric Leblond, OISF & Stamus Networks

Applying Data Science to Suricata
Anthony Tellez, Splunk

Suricata File Extraction API
Zach Rasmor, Lockheed Martin

Eric Leblond, OISF & Stamus Networks & Peter Manev, OISF & Stamus Networks

Building a Better RAT Trap: Weaponizing Open Source Software in the Hunt for the APT
Cooper Nelson, UC San Diego

Suricata QA
Victor Julien, OISF & Peter Manev, OISF & Stamus Networks

Open Source Communities & Cyber Security
Charles-H. Schulz, ANSSI — French National InfoSec Agency

Lightning Talk: Decoding Malware Traffic with Suricata Lua Logging
Chris Wakelin, Proofpoint

Thanks again to our incredible sponsors:


Telesoft Technologies

Intel Corporation

Endace

CSPi Technology

ProtectWise

Accolade Technology


David Baumann

Matthew Cantu

Travis Green

Duane Howard

Marcus Liberto

Arun Moothedath

Jack Mott

Brandon Murphy

Netsecuris, Inc.

Arne Oslebo

Michal Purzynski

Ed Sealing

Michael Shirk

Ted Skinner

Andrew Thornton

Anthony Verez