
All about Suricata with Victor Julien

Published 19 Jan 2026

Duration: 32:11

Suricata is an open-source, multi-mode network intrusion detection and prevention system that analyzes traffic, detects malicious activity, and generates detailed metadata for further analysis.

Episode Description

Josh discusses Suricata with Victor Julien, the founder and lead developer of the project. Victor explains the history of the project, its impact on c...

Overview

Suricata is an open-source network Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) that analyzes network traffic to detect malicious activity using signature-based rules. It generates detailed metadata in JSON format for further analysis and can operate in IDS, IPS, or Firewall mode, with the Firewall mode implementing a default-drop policy for traffic control. Enterprises use Suricata for tasks such as network monitoring, threat detection, and log analysis, often integrating it with visualization and forensic tools like the ELK stack.

The project has been maintained by the Open Source Automation Foundation (OASF) for over 15 years and continues to evolve with improvements in usability, protocol support, and performance. It supports deep packet inspection and application-layer parsing for protocols like HTTP, DNS, and SMB, though encrypted traffic remains a challenge. Suricata also incorporates Rust to improve memory safety and performance, and it relies on community contributions for rule sets, feature enhancements, and ongoing development. The goal is to improve accessibility while maintaining strong security and performance capabilities.
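The overview mentions that Suricata emits JSON metadata for further analysis and that the same engine can run in IDS (alert-only) or IPS/Firewall (drop) mode. The script below is an added example, not code from the episode or from the Suricata project: it parses a handful of constructed EVE-style JSON lines (the field names follow Suricata's "alert" record layout; the addresses, signature IDs and signature names are invented) and aggregates alerts per signature, separating events that were merely seen (`action: allowed`) from those the engine blocked (`action: blocked`). Malformed lines are skipped rather than aborting the run, since a live EVE log is often read while Suricata is still writing to it.

```python
import json

# Constructed sample EVE JSON lines (one record per line). The structure mirrors
# Suricata's alert/dns event types; every value below is made up for this example.
SAMPLE_EVE = """\
{"timestamp":"2026-01-19T10:00:01.000000+0000","event_type":"alert","src_ip":"10.0.0.5","src_port":51234,"dest_ip":"192.0.2.10","dest_port":80,"proto":"TCP","alert":{"action":"allowed","signature_id":1000001,"rev":1,"signature":"EXAMPLE Suspicious User-Agent","category":"Potentially Bad Traffic","severity":2}}
{"timestamp":"2026-01-19T10:00:02.000000+0000","event_type":"alert","src_ip":"10.0.0.7","src_port":40000,"dest_ip":"192.0.2.10","dest_port":445,"proto":"TCP","alert":{"action":"blocked","signature_id":1000002,"rev":3,"signature":"EXAMPLE SMB Exploit Attempt","category":"Attempted Administrator Privilege Gain","severity":1}}
{"timestamp":"2026-01-19T10:00:03.000000+0000","event_type":"dns","src_ip":"10.0.0.5","dest_ip":"192.0.2.53","proto":"UDP","dns":{"type":"query","rrname":"example.com","rrtype":"A"}}
{"timestamp":"2026-01-19T10:00:04.000000+0000","event_type":"alert","src_ip":"10.0.0.5","src_port":51240,"dest_ip":"192.0.2.10","dest_port":80,"proto":"TCP","alert":{"action":"allowed","signature_id":1000001,"rev":1,"signature":"EXAMPLE Suspicious User-Agent","category":"Potentially Bad Traffic","severity":2}}
this line is not json and simulates a truncated write
"""


def parse_eve(text):
    """Yield one dict per well-formed EVE line; silently skip lines that are not valid JSON."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            # A partially written or corrupted line should not stop the analysis.
            continue


def summarize_alerts(records):
    """Aggregate alert events by signature_id.

    For each signature we keep the human-readable name, the rule's severity
    (1 is the most severe in Suricata), how many times the traffic was only
    alerted on ("allowed", IDS behaviour) versus dropped ("blocked", IPS or
    Firewall behaviour), and the distinct source addresses involved.
    """
    summary = {}
    for rec in records:
        if rec.get("event_type") != "alert":
            continue  # dns, http, flow and other event types are metadata, not alerts
        alert = rec["alert"]
        entry = summary.setdefault(
            alert["signature_id"],
            {
                "signature": alert["signature"],
                "severity": alert["severity"],
                "allowed": 0,
                "blocked": 0,
                "sources": set(),
            },
        )
        action = "blocked" if alert.get("action") == "blocked" else "allowed"
        entry[action] += 1
        entry["sources"].add(rec["src_ip"])
    return summary


def high_severity(summary, max_severity=1):
    """Return the signature IDs whose severity is at or above the given level (lower number = more severe)."""
    return sorted(sid for sid, entry in summary.items() if entry["severity"] <= max_severity)


if __name__ == "__main__":
    result = summarize_alerts(parse_eve(SAMPLE_EVE))
    for sid, entry in sorted(result.items()):
        print(f"{sid} sev={entry['severity']} allowed={entry['allowed']} "
              f"blocked={entry['blocked']} sources={sorted(entry['sources'])} {entry['signature']}")
    print("high severity:", high_severity(result))
```

The same aggregation is what a dashboard in the ELK stack would do over the full EVE stream; doing it locally first is a quick way to sanity-check a new rule set and to see whether an IPS deployment is actually dropping what its rules match.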

Recent Episodes of Open Source Security

22 Jun 2026 Packagist and Composer security with Jordi Boggiano

Strategies for securing open-source ecosystems include malware detection via third-party feeds, transparency logs, rapid incident response, blocking malicious downloads, private registry controls, immutable package releases, standardized workflows, MFA enforcement, and technical proposals like artifact validation and build attestation, while addressing challenges like maintainer hacking, AI risks, usability trade-offs, and the need for ecosystem-wide alignment and human verification.

15 Jun 2026 Sustaining Open VSX with Mike and Thabang

Eclipse Foundation's OpenVSX, a VS Code extension repository, surged to 600M monthly downloads, evolved to a commercial model with enterprise SLAs and security teams, while addressing scalability, open-source balance, and funding challenges for AI expansion.

8 Jun 2026 Hacking your CI/CD with Francois Proulx

Critical vulnerabilities in open source CI/CD pipelines, including hijacking and supply chain attacks via social engineering or compromised builds, are highlighted through incidents like TJ Actions and Ultralytics, with mitigation strategies emphasizing secure credentials, externalized workflows, threat modeling, and tools like *Smoked Meat* and *Bagel* to enhance incident response and supply chain security.

1 Jun 2026 Open source verification with Sal Kimmich

Cybersecurity challenges include complex application ecosystems, overlooked kernel vulnerabilities, supply chain risks, and systemic risks from under-resourced organizations prioritizing surface-level controls, alongside calls for regulatory reforms, proactive threat modeling, secure development practices, and addressing tribal nations' unique legal and sovereignty concerns.

25 May 2026 Vulnerability disclosure with Casey Ellis

The evolution of vulnerability disclosure highlights challenges in prioritizing critical issues, outdated legal frameworks, and the role of initiatives like Disclosed.io in standardizing policies, alongside AI's impact on detection, open-source risks, triage complexities, and the need for collaboration and transparency to address systemic security barriers.
