Victor Julien

@inliniac

Open Source Developer leading the #Suricata development effort.

Living and working in Amsterdam, the Netherlands.

#Suricata @suricata #Vuurmuur

Blog: https://blog.inliniac.net/contact/
GitHub: https://github.com/inliniac
GitHub: https://github.com/victorjulien

2 accepted talks about #Suricata :)

I'll be talking @suricata at:

@bsidesgrunn on April 17th (https://bsidesgrunn.org/)

and:

@nluug on May 7th (https://nluug.nl/evenementen/nluug/voorjaarsconferentie-2026/)

Hope to see you there!


🚨 Interested in speaking at #SuriCon2026?

Share your research, lessons learned, or a unique use case with the Suricata community.

Submit your proposal: https://pretalx.com/suricon2026/cfp

#CallforTalks #Suricata #OpenSource

worked with the tcpdump folks on an updated set of examples for the tcpdump man page https://www.tcpdump.org/manpages/tcpdump.1.html#lbAF

the idea is that if you've forgotten how tcpdump's basic flags work, you can find a quick reference in the man page!


hmm, I installed some updates and now this is happening

Investigation scenario:
We just received three notifications with alerts from #Suricata #IDS

1) GPL SMTP vrfy root, from unknown IP to our mailserver

Shortly after that, two more alerts appeared:

2) ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response; from the same unknown IP to Windows computer in our network
3) ET MALWARE Possible Metasploit Payload Common Construct Bind_API, again from the same unknown IP to the same Windows computer

What happened?
What to do? How to analyze network traffic and investigate those alerts?

We do not have any EDR or XDR installed on that Windows computer. Right now, we have only Suricata eve.json logs ingested into the #OpenObserve #SIEM

If you would like to see more, you are welcome to attend my @suricata webinar on March 11.
Register here: https://us02web.zoom.us/webinar/register/WN_I6BNbCU2SNG2fAOEiotPiQ
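An added example (not from the post, the webinar, or the Suricata project) of the first analysis step the scenario calls for when eve.json is the only evidence: extract the alert records, group them by source IP, and build a per-source timeline so the SMTP probe and the later alerts against the Windows host line up as one sequence. The sample records and addresses below are constructed to mirror the three alerts described; the field names (`timestamp`, `event_type`, `src_ip`, `dest_ip`, `alert.signature`, `alert.category`) follow Suricata's eve alert schema.

```python
import json
from collections import defaultdict
from datetime import datetime

# Constructed eve.json lines mirroring the three alerts in the post; the flow
# record is noise that must be skipped. IPs are RFC 5737 documentation addresses.
SAMPLE_EVE = """\
{"timestamp":"2026-03-01T10:02:11.000000+0000","event_type":"alert","src_ip":"203.0.113.77","dest_ip":"10.0.0.25","dest_port":25,"alert":{"signature":"GPL SMTP vrfy root","category":"Attempted Information Leak"}}
{"timestamp":"2026-03-01T10:02:30.000000+0000","event_type":"flow","src_ip":"10.0.0.50","dest_ip":"10.0.0.25"}
{"timestamp":"2026-03-01T10:05:40.000000+0000","event_type":"alert","src_ip":"203.0.113.77","dest_ip":"10.0.0.101","dest_port":49712,"alert":{"signature":"ET HUNTING SUSPICIOUS Dotted Quad Host MZ Response","category":"Potentially Bad Traffic"}}
{"timestamp":"2026-03-01T10:05:41.000000+0000","event_type":"alert","src_ip":"203.0.113.77","dest_ip":"10.0.0.101","dest_port":49712,"alert":{"signature":"ET MALWARE Possible Metasploit Payload Common Construct Bind_API","category":"A Network Trojan was detected"}}
"""

def parse_alerts(eve_text):
    """Return alert events from eve.json text, oldest first; other event types are skipped."""
    alerts = []
    for line in eve_text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        if ev.get("event_type") != "alert":
            continue
        # Suricata timestamps look like 2026-03-01T10:02:11.000000+0000
        ev["_ts"] = datetime.strptime(ev["timestamp"], "%Y-%m-%dT%H:%M:%S.%f%z")
        alerts.append(ev)
    return sorted(alerts, key=lambda e: e["_ts"])

def correlate_by_source(alerts):
    """Group alerts by src_ip and summarise each source's timeline."""
    by_src = defaultdict(list)
    for ev in alerts:
        by_src[ev["src_ip"]].append(ev)
    summary = {}
    for src, evs in by_src.items():
        summary[src] = {
            "count": len(evs),
            "targets": sorted({e["dest_ip"] for e in evs}),
            "signatures": [e["alert"]["signature"] for e in evs],
            "span_seconds": (evs[-1]["_ts"] - evs[0]["_ts"]).total_seconds(),
        }
    return summary

def needs_triage(info):
    """Escalate when one source touches several internal hosts or raises a malware-class alert."""
    return len(info["targets"]) > 1 or any("MALWARE" in s for s in info["signatures"])

if __name__ == "__main__":
    for src, info in correlate_by_source(parse_alerts(SAMPLE_EVE)).items():
        print(src, info, "-> host triage" if needs_triage(info) else "")
```

On the sample, the single external source spans 210 seconds, touches the mail server and then the Windows host, and is flagged for host triage; on a real eve.json export the same grouping tells you which internal hosts to look at first when no EDR data exists.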

This week the European Commission published the draft for a guidance document for the Cyber Resilience Act (CRA). It is 70 pages, but contains some helpful examples and flowcharts, like this one, making it accessible even to Open Source folks with limited time.

Here: quick guidance on whether your FOSS component is in scope for the CRA and, if so, whether you're deemed a steward or a manufacturer with regard to the component.

#opensource #cra

📢📢📢 Ladislav Bačo is back for round two!

On March 11, Ladislav Bačo ( @malwarelab_eu ) shares practical approaches for integrating network forensics into IR workflows, with perspectives for home and small office networks.

Register: https://us02web.zoom.us/webinar/register/WN_I6BNbCU2SNG2fAOEiotPiQ

#Suricata

Don't miss Shivani Bhardwaj ( @inashivb ) at FOSSASIA Summit 2026! 🙌 Catch her hands-on Suricata session on March 9 at 2:45 PM (+07).

https://eventyay.com/e/88882f3e/session/10405

#Suricata #FOSSASIA #opensource

Today is the LAST day to propose your talk for the NLUUG spring conference 2026:

https://cfp.nluug.nl/nluug-voorjaarsconferentie-2026/

Let's make it a difficult amount to choose from! Submit now.

#NLUUG #opensource #openstandards #opensystems
