Éric Leblond

@[email protected]
294 Followers
84 Following
113 Posts
Co-founder and CTO at Stamus Networks. All things Suricata and Netfilter.
Éric LeblondFeb 2

RE: https://infosec.exchange/@da_667/116001653909081235

We need an island command to sandbox a build and install (cc @l0kod) ;)

Éric LeblondFeb 1
Mickaël SalaünFeb 1
I gave a talk at #FOSDEM about Island: Sandboxing tool powered by #Landlock
https://fosdem.org/2026/schedule/event/EW8M3R-island/
FOSDEM 2026 - Island: Sandboxing tool powered by Landlock

Éric LeblondFeb 1
Great talk about PostgreSQL community by @clairegiordano . Loved the point "ability to work (and fail) in public" in the arsenal you need to have to become an open Source developer.
Éric LeblondJan 23
SuricataJan 23

Don’t miss Peter Manev’s and @Regit 's talk at FOSDEM 2026 ( @fosdem ). In attendance, our very own Dr. Kelley Misata and @inliniac ) will be there as well. Be sure to say hi to them and ask any of your burning questions about #Suricata.

We hope to see you there! https://fosdem.org/2026/schedule/event/YCYWGM-suricata/

Éric LeblondJan 8
SuricataJan 7

Hear from Jason Ish ( @ish ), on the new Lua capabilities and #Suricata library features from Suricata 8. He lets us know why he’s happy to see these improvements and more in the video below!

Tune in: https://youtu.be/QzfrIflsEJw

Suricata 8: Smarter Integration & Deployment Strategies | Jason Ish

YouTube
Éric LeblondDec 26
Stamus Networks has released Clear NDR Community 1.1.0. Our Open Source #Suricata based #NDR has an exciting new UI available in preview. This new code base introduces some great new views and data analysis methods. Feedback welcome!
See https://docs.clearndr.io/ for installation or upgrade.
Éric LeblondDec 18

Suricata Language Server 1.3.0 is now available and it surfs on the concept of magic comment introduced in version 1.0.0 to add some game-changing features for the Suricata signature writer. Main features are the capability to test the signatures in a file against a pcap when writing the file and the support of Suricata version selection.

In this release, we also introduce LSP-based syntax highlighting, so no external modules are necessary to get colors when writing signatures.

More information on Stamus Networks’ blog: https://www.stamus-networks.com/blog/suricata-language-server-1.3-automated-pcap-testing-and-multi-version-support

Suricata Language Server 1.3.0: Automated PCAP Testing, Multi-Version Support, and Syntax Highlighting

Suricata Language Server 1.3.0 is now available and it surfs on the concept of magic comment introduced in version 1.0.0 to add some game-changing features for the Suricata signature writer.

Éric LeblondNov 29

With #Suricata Language Server 1.2.0 it will be possible to check the signatures in the file against a PCAP file. You will instantly know if the signature match and what is its CPU cost. Check the video for a demo of the feature.

https://www.stamus-networks.com/suricata-language-server

Show threadÉric LeblondNov 23
Rules profiling in #Suricata Language Server is now pushed to main branch. Current default Suricata image from @ish should have rules profiling when https://github.com/jasonish/docker-suricata/pull/53 get merged. For now, only local Suricata with correct build will provide profiling.
Rules profiling by regit · Pull Request #53 · jasonish/docker-suricata

Add rules profiling build option to regular build. It is deactivated by default and need to be activated via --set commands.

GitHub
Show threadÉric LeblondNov 23
As discussed during #Suricon2025 I've also added the profiling of the signatures if a pcap file if specified in comment.