Peter Manev

Peter Manev is a member of the executive team at the Open Information Security Foundation (OISF) and Suricata Project Evangelist. Peter has over 20 years of experience in the IT security industry, including enterprise-level practice. He is a passionate user, developer, and explorer of innovative open-source security software. He is responsible for training as well as quality assurance and testing on the development team of Suricata, the open-source threat detection engine. Peter has been involved with Suricata IDS/IPS/NSM from its very early days in 2009 as QA and training lead.

Peter is the co-founder and chief strategy officer (CSO) of Stamus Networks, a company providing commercial and open-source network detection and response solutions based on Suricata.

Peter is also one of the lead maintainers of ClearNDR Community (formerly SELKS), the popular turnkey open-source implementation of Suricata IDS/IPS/NSM.

Peter Manev is a co-author of the book The Security Analyst’s Guide to Suricata, written with Eric Leblond.
Peter Manev is a co-author of the SEPTun I and SEPTun II Suricata Extreme Performance Tuning series.

Peter is a prolific writer, content creator and open-source contributor on network cyber security. He has authored over 150 blog posts and 400 visualizations and dashboards for Kibana/Elasticsearch and OpenSearch, written over 2000 detection rules, and developed over 140 hunting trigger routines.

Peter has authored scientific papers on cyber security strategy and defense, and has developed and delivered over 100 hands-on cyber security trainings and workshops for government, public, private and defense organizations in the US and Europe, such as the US Space Command, US Missile Command and NATO counter cyber operations units.

Peter often engages in private or public training events on advanced deployment and threat hunting at conferences, workshops and live-fire cyber exercises such as Crossed Swords, Locked Shields, DeepSec, FOSDEM, Troopers, BotConf, BSides, DefCon, Suricon, SharkFest, RSA, Flocon, MIT Lincoln Lab and others.


Session

04-14
13:30
240min
Threat detection engineering with Suricata
Éric Leblond, Peter Manev

This hands-on workshop provides an in-depth exploration of advanced techniques for maximizing network threat detection with Suricata. Building on core Suricata capabilities, the session covers critical areas such as the effective use of metadata keywords, including MITRE ATT&CK and regular metadata, to enrich detection context.

Participants will learn practical methods for achieving fast Indicator of Compromise (IOC) matching and strategies for managing multiple Suricata versions within diverse environments.

The workshop will also cover using the Suricata Language Server (SLS) for rule development and optimization, including interpreting its performance hints and implementing Continuous Integration (CI) checks for rulesets by running SLS in batch mode.

This session is designed for cybersecurity professionals seeking to enhance their Suricata expertise and implement cutting-edge threat detection strategies. Attendees will leave equipped with actionable techniques and practical examples to improve their organization's security posture.

Workshops
Room 3