All about Suricata with Victor Julien

Published 19 Jan 2026

Duration: 32:11

Suricata is an open-source, multi-mode network intrusion detection and prevention system that analyzes traffic, detects malicious activity, and generates detailed metadata for further analysis.

Episode Description

Josh discusses Suricata with Victor Julien, the founder and lead developer of the project. Victor explains the history of the project, its impact on c...

Overview

Suricata is an open-source network Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) that analyzes network traffic to detect malicious activity using signature-based rules. It generates detailed metadata in JSON format for further analysis and can operate in IDS, IPS, or Firewall mode; Firewall mode applies a default drop policy, so only traffic explicitly allowed by the rules is passed. Enterprises use Suricata for network monitoring, threat detection, and log analysis, often integrating it with visualization and forensic tools such as the ELK stack.

The project has been maintained by the Open Source Automation Foundation (OASF) for over 15 years and continues to evolve with improvements in usability, protocol support, and performance. It supports deep packet inspection and app-layer parsing for protocols like HTTP, DNS, and SMB, though encrypted traffic remains a challenge. Suricata also incorporates languages like Rust to enhance safety and performance, and it relies on community contributions for rule sets, feature enhancements, and ongoing development. The goal is to improve accessibility while maintaining strong security and performance capabilities.
