Jeff Lucovsky
Jeff Lucovsky has been a core Suricata developer since 2019 and has made significant contributions to various areas of Suricata. Jeff is also a Principal Software Engineer at Corelight, where his primary focus is to oversee the development and deployment of Suricata across Corelight’s sensors. He is also a technical lead for Corelight’s performance engineering team.
@jlucovsky.bsky.social
Session
Suricata, the high-performance, open-source network threat detection engine developed by the Open Information Security Foundation (OISF), is widely deployed for intrusion detection, intrusion prevention, and network security monitoring. In this talk, I’ll provide a brief technical overview of Suricata’s architecture and delve into the new features in the latest release, 8.0. Highlights include performance enhancements, expanded protocol parsing, improved multi-threading efficiency, and improved support for inline deployments with firewalls. I’ll focus on the initiative for this release – “if you log it, you can use it in a rule”. I’ll walk through key use cases, explain how these updates improve detection fidelity and operational flexibility, and share practical tips for maximizing the new features in production environments.