Hello! I hope you did your homework in the Introduction to Suricata lesson. If you have not completed that yet, don’t continue with this post until you have! We’ll be dissecting the Suricata YAML file today. Suricata has endless features, but the real power for a Cybersecurity professional comes from configuring it to best suit…
This is the first post in a multi-part series explaining how to use Suricata to make an NDR (Network Detection and Response) program. But first: what is Suricata? It’s an IDS (Intrusion Detection System). This means it’s a tool that analyzes network traffic and determines if it’s malicious or suspicious. You may be thinking “why…