Suricata Newsletter for December 2025
Welcome
Hello and welcome to the December issue of the Suricata Newsletter! The past few months have been packed for the OISF team with patch releases and SuriCon 2025 in Montreal. It was wonderful seeing so many familiar faces and meeting new members of the community. SuriCon always reminds the team just how strong this community is, and motivates us more than ever to keep charging ahead—this time toward Suricata 9.0.
Please consider subscribing to this newsletter by email. To do so, head on over to https://newsletter.suricata.io/ and enter your email address.
Message From OISF’s President, Kelley Misata
It’s hard to believe we’re closing out another year. 2025 brought continued growth for OISF, Suricata, and our community - including the launch of Suricata 8.0 and the performance, detection, and stability improvements behind it. Huge thanks to our incredible development team and the community (and consortium!) who contributed every step of the way.
SuriCon 2025 reminded us why we do this work. The community showed up once again with energy, new faces, and many familiar ones. That momentum matters.
We also saw more users and integrators reaching out - not only about features, but architecture, deployment, and sustainability. That collaboration is driving real improvements across performance, tooling, and roadmap priorities while opening new doors for how we can build together.
A personal highlight has been taking Suricata’s story on the road, with members of the team delivering technical and non-technical talks (and yes, a lot of stickers!) at conferences worldwide. It’s helped reinforce that open source is far more than code: it’s governance, business models, community trust, and countless invisible decisions that keep projects thriving. We’ll keep amplifying that message into 2026, starting with FOSDEM.
Behind the scenes, we’re strengthening OISF itself: adding development talent, improving resilience, and upgrading infrastructure to better support contributors and consortium members. And to better serve organizations running Suricata in mission-critical environments, we launched the pilot OISF Partner Program - a more intentional path for co-designing the future together. More to come soon, but if you just can’t wait, email us at partner@oisf.net - we’re happy to give you a sneak peek.
And of course, SuriCon 2026 is coming to Lisbon, Portugal - November 18–20, 2026. Get ready - Call for Talks opens February 1, 2026!
Thank you for an incredible year. Let’s carry this momentum into 2026 and continue building the open-source network security engine the world depends on.
Message From Suricata Lead Developer, Victor Julien
Last month we came together as a community and team for the 11th edition of SuriCon. We’ve seen many great talks that gave lots of food for thought. It serves as great input to the roadmap.
In addition, we did another community brainstorm session where there was lots of good feedback and there were many interesting ideas.
One of the things many people expressed interest in is more focus on OT/ICS protocols. Due to lack of availability of traffic, specifications and test equipment this is an area where collaboration within the community is key.
While many things will be picked up by the OISF development team, there are also plenty of ways to contribute. Testing, documentation, coding and many other things are valuable to the project, so we hope to see you active in our community!
SuriCon
- SuriCon 2026 will be happening in Lisbon in November 2026. See https://suricon.net for more details! And subscribe to this newsletter to have updates delivered to your inbox!
- SuriCon 2025 in Montreal was a great success! Thank you to everyone who participated. The videos are now available on YouTube:
  - State of Suricata
  - PYROLYSE: How to Burn Network Stack with Overlapping Data
  - Mental Health in Cybersecurity: Balancing the Scales
  - Abusing HTTP Quirks to Evade Detection
  - Developing a Talisman Against Performance Killing Networks
  - Bridging Host and Network: Enriching Linux Shell Abuse Detection with Suricata
  - Observe. Protect. Adapt.: The Suricata Way
  - IOCs Handling Reloaded
  - Shovel: Leveraging Suricata for Attack-Defense CTF
  - Not Only Buffers
  - Suricata Stats Stars: Find the Ones that Shine to You
  - Integrating Machine Learning Feedback with Suricata
  - Signature-Based Approach: Detect Evolving Malware Communication Patterns & Behaviors
  - Meerkat in the Sandbox: Turning Rule Hits into Verdicts
  - Suricata for ICS: Tips and Moar Research
  - Pikksilm: A Tale of Unholy Alliance between Endpoint Agents and Suricata
  - Deep Packet Inspection for Building Automation: Developing a BACnet Protocol Parser
  - 100 Gbps in Practice
  - Suricata Research: WebAssembly Modules in Suricata
  - Modern Techniques for Visibility and Detection in the Cloud
  - Accelerating Suricata by Filtering Network Traffic in Hardware via DPDK
Release Announcements
- Suricata 8.0.2 and 7.0.13 were released on November 6, 2025, fixing a number of security-related issues. Please upgrade as soon as possible. See the release announcement at forum.suricata.io.
Recent Suricata and OISF Blog Posts
Upcoming Events and Webinars
- Suricata team members will be present at FOSDEM 2026 delivering a talk at the Network Track on Saturday, January 31 at 12:35 - “Suricata 8 - shaping the future of network detection and prevention”
- Juliana Fajardini will represent our community at the Oxum Hacker Conference in Brazil, also in January.
- The webinar agenda for next year is getting busy. Keep an eye out for webinars to be announced soon for January and February!
Recent Webinars and Events
- Lukáš Šišmiš, Introduction to Network Threat Detection with Suricata at the OpenAlt conference in Brno
- Dr Kelley Misata’s Keynote at SharkFest’25 Europe: Open Source is Free, But Not Free-Free
- Dr Kelley Misata (again, she was everywhere!) and Jeff Lucovsky attended and gave talks at Security Onion Conference 2025: Beyond Code Commits: Sustaining Open Source for Security at Scale and Suricata 8
- Two pre-SuriCon webinars:
- What’s New In Suricata 8: Enhanced Detection And Performance - Peter Manev & Eric Leblond, presented at hack.lu 2025
- 2 workshops delivered by Peter Manev & Eric Leblond at Hack.lu 2025:
  - Threat detection engineering with Suricata
  - New advanced network detection with Suricata 8
Development News
- At SuriCon this past November, we had another community discussion session. The team is currently working through all the discussions and making plans for Suricata 9.0. Stay tuned for more roadmap updates in the coming months.
In the Community
- [pawpatrules.fr] Wing FTP Server CVE-2025-47812 RCE detection with Suricata IDS/NSM
- Proactive Defense: CrowdSec & Suricata Made Easy
- From Stamus Networks: Introducing Clear NDR Community 1.0: Advanced Suricata Network Security for Everyone, Opensearch Dashboard for Suricata 8!
- The Cyber Yeti (Dr. Josh Stroschein) and Suricata’s Peter Manev talk Suricata 8.
- Peter Manev talks about Suricata 8 on GitHub’s Open Source Friday
- Http.dottedquadhost and you
Special Thanks
For this newsletter, we’d like to express a big thank you to all those who spoke at SuriCon 2025 in Montreal: Adam Kiripolsky, Ambre Iooss, Arezki Laga, Chris Boucek, Éric Leblond, Glenn Thorpe, Giuseppe Longo, Jeff Lucovsky, Johan Mazel, John Graat, Juliana Fajardini, Konstantin Klinger, Lucas Aubard, Markus Kont, Mathieu Le Cleach, Mohamed Amine Larabi, Mohammad Amr Khan, Niels van Dijkhuizen, Patrick Kelley, Peter Manev, Philippe Antoine, Pierre Chifflier, Reid Wightman, Ron Bowes, Ted Skinner, Yacin Nadji
A shoutout also to all SuriCon Montreal sponsors, who showed up not only with their financial support, but also by helping us build a stronger and more collaborative community: OPNsense, NEOX Networks, Corelight, GreyNoise Intelligence, detections.ai, Napatech, SensorFleet, FoxIO, Catena Cyber, Security Onion Solutions, LLC, Enea AB, Status Networks, FMADIO, Nomic Networks, Amazon Web Services (AWS), and Chris Wakelin.