Suricata IDS. An Open Source intrusion detection, intrusion prevention, and network security monitoring engine developed by the OISF (https://oisf.net).
Development by OISF team @inliniac @ish @jlucovsky @jufajardini, Peter Manev, @inashivb, Philippe Antoine, Corey Thomas, Lukáš Šišmiš, Andreas Herz, and our awesome community.
#SuriCon2026 registration is open! 🔥
Come meet the people behind the project, catch incredible talks, and be part of the community that keeps Suricata moving forward. Whether you are a longtime community member or just getting started with #Suricata, we would love to see you there!
suricon.net
That's an excellent question you bring up. So this is my opinion, but Suricata has a lot of features that NGFWs do. Its entirely possible to do something like what you're thinking to replace an NGFW.
In fact, if you're curious to try out a pre-built example, you might consider taking a look at OPNSense.
OPNSense is, essentially a fork of PFSense with a good number of changes under the hood.
There's a pre-configured/pre-installed Suricata installation that integrates in with the rest of the firewall functionality, and you can also acquire access to the Emerging Threats Pro Set, through an agreement to provide generalized alert telemetry.
Otherwise, Suricata is well-documented. One of the features for firewall integration with inline operation includes NFQueue, but there's also AFPACKET and other traffic capture modes available as well.
As far as features go, they outnumber the stars in the sky at this point.
You want flow? It can do flow. You want file carving? It can do file carving. You want HTTP/SSL logs? It can do that as well.
The latest versions also support integration with nTop's nDPI library for even more rule writing and detection options.
RE: https://infosec.exchange/@suricata/116291041184617317
Got some of my work featured in this post as well -- Operating in the margins, and Suricata: An Operator's Guide release up to chapter 9.
This newsletter appears to be run about once quarterly-ish. If you have anything network forensics related, more specifically, Suricata-related, Let me know. I want to pass it along and ensure that the rest of our community gets recognition.
Likewise, If you have a Suricata/NSM related question, you want answered, I would be happy to answer it, and write about it on community.emergingthreats.net, so that everyone can benefit from the insight.
As always, thanks to OISF, and @ish for featuring my work, alongside the work of the community.
The latest #Suricata Newsletter is here!
In this issue, we’re sharing #SuriCon 2026 updates, release and upgrade news, and a look at what’s ahead for Suricata 9.0, along with more from across the community.
Read this issue and subscribe here: https://newsletter.suricata.io/posts/2026-03/
We’re at RSA Conference 2026 and Dr. Kelley Misata is on the floor. 🙌
This year’s Power of the Community theme fits #Suricata well. If you're here, stop by to talk real-world use, what’s top of mind, and pick up some Suricata goodies! 👕🎁
SuriCon 2026 needs your support! 🙌
Whether you are an individual or organization, there is a sponsorship level for you. Help bring the Suricata community together in Lisbon.
suricon.net/sponsorships/
We're pleased to announce the releases of #Suricata 8.0.4 and 7.0.15! 🎉
Get the releases:
🔸 8.0.4: https://www.openinfosecfoundation.org/download/suricata-8.0.4.tar.gz
🔸 7.0.15: https://www.openinfosecfoundation.org/download/suricata-7.0.15.tar.gz
Read more: https://forum.suricata.io/t/suricata-8-0-4-and-7-0-15-released
If you're heading to RSA Conference 2026, come find Dr. Kelley Misata!
She'll be there March 23–26 and would love to connect with the Suricata community and consortium members. She's also bringing Suricata goodies!
Come say hello or send us a message: suricata.io/our-story/contact/
2 accepted talks about #Suricata :)
I'll be talking @suricata at:
@bsidesgrunn on April 17th (https://bsidesgrunn.org/)
and:
@nluug on May 7th (https://nluug.nl/evenementen/nluug/voorjaarsconferentie-2026/)
Hope to see you there!
da_667
ANY.RUN
Victor Julien