SuriCon 2017 | Prague

Third Annual SuriCon in Prague!

A Fantastic 3 Days with Another Sold-out Suricata Crowd!

For the third year, Suricata’s community of developers, users, and business leaders from around the world joined us for SuriCon 2017 in Prague. Thanks to our incredible speakers, our generous sponsors, and all the fantastic attendees it was a great week of training, talks, networking, and community! Below are some highlights, photos, sketches by Frank Tizzoni, and the presentation decks from our amazing speakers. Presentations will be added as we receive them from the speakers. Thank you! The OISF Team


  • Excited to be back in Europe and hopeful for 130 attendees, but in the final weeks before the conference registrations spiked — as a result, SuriCon 2017 sold out for the third year in a row at 176 attendees!
  • Over 60 organizations from around the world were represented — a great testament to Suricata’s global reach.
  • As requested at SuriCon 2016, we expanded the conference to 3 full days — adding in additional time on the Suricata development roadmap.
  • We held our first sponsor reception during the opening night of the conference, another success which we will repeat next year. Many thanks to our sponsors for their support of SuriCon 2017!
  • Once again as a community, we mapped Suricata’s development roadmap for 2018 — we also discussed improving the process of tracking and adding to the roadmap throughout the year.
  • We added a new training to our pre-SuriCon line-up — our SigDev training was a huge success thanks to new OISF team members, Jack Mott and Jason Williams.
  • 95% of the total cost of the conference was covered by our sponsors and Suricata training attendees — we couldn’t have done it without you!
  • “SuriCon continues to be the best conference of the year!” was a common theme we received from participants — many of whom are already planning on attending next year’s conference in Vancouver.
  • Other exciting announcements were made during the conference including Suricata NEW Online Training, Suricata Support Services (pilot program launching in 2018), and the new Suricata Advisory Council.

As SuriCon 2017 came to a close, we took the opportunity to announce the kick-off of Suricata’s 10-year anniversary celebration — an incredible milestone for the project and the community! Look for details coming soon.

Presentation Materials

Everything You’ve Ever Wanted to Know About How Configuration/Rules Impact Suricata Performance Brad Woodberg, Proofpoint

The Matrix, the Mobster, and the Magic Randy Caldejon, CounterFlow AI

Malware Distribution Trends and Associated Network Traffic Brad Duncan, Palo Alto Networks

Hunting BotNets: Suricata Advanced Security Analytics Anthony Tellez, Splunk

Writing Safe Parsers: Lecture and Tutorial Pierre Chifflier, ANSSI

Hardware-based Flow Offload in Suricata Alfredo Cardigliano, ntop

So What’Cha Want (to sig) in Suri 4.0 Travis Green, Francis Trudeau, Jack Mott, & Jason Williams, Emerging Threats / Proofpoint

Scalable and Efficient Packet Capture Creation and Testing on Suricata David Wharton & Will Urbanski, SecureWorks

Conquering the IDS Alert Challenge with Splunk and Suricata Brennan Lodge, Bloomberg LP

Current & Future Industrial Detections in Suricata Gene Stevens & Danny Browning, ProtectWise

Use Case of Suricata Embedded within Professional THALES CYBELS SENSOR Probe Pascal Delalande, Thales Communications

SEPTun 2 Peter Manev, OISF / Stamus Networks & Michal Purzynski, Mozilla

Suricata Logging Empowerment Giuseppe Longo, Stamus

Like Sigging Phish in a Barrel Jason Williams, Emerging Threats / Proofpoint / OISF

Finding the Bad Guys, Yes Really Eric Leblond, OISF / Stamus Networks

Suricata in the Cloud Michal Purzynski, Mozilla

Malware Analysis: Suricata & Splunk for Better Rule Writing Anthony Tellez, Splunk

Thanks again to our incredible sponsors!
STAMUS Networks
Google, sponsor of SuriCon
Turris Omnia
Amazon sponsor of SuriCon 2019
DCSO - SuriCon Sponsor
Avast Logo
Protectwise Logo - Achieve pervasive visibility, high-performance threat hunting and accelerated incident response; across your security environment and across time.
CounterFlowAI Logo
Accolade Technology Logo
Gatewatcher SuriCon sponsor
OPNsense, Sponsor of SuriCon

Apostolos Bakoyiannis
Binary Confidence
Christoph Knott
Robert Haist, DCSO
Phillip Schildein, DCSO