Project

General

Profile

Actions

Task #4097

open

Task #4763: tracking: Suricon brainstorms

Suricon 2020 brainstorm

Added by Victor Julien almost 4 years ago. Updated 4 months ago.

Status:
Assigned
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Tracking ticket for the virtual brainstorm in November 2020.


Related issues 40 (30 open10 closed)

Related to Suricata - Task #3307: Research: evaluate future of lua support in SuricataNewOISF DevActions
Related to Suricata - Task #3329: Research: WASM as a Lua alternative and for dynamically loadable modulesAssignedJason IshActions
Related to Suricata - Task #2693: tracking: libsuricataIn ProgressJason IshActions
Related to Suricata - Feature #4099: allow rule keyword registration from app-layerAssignedVictor JulienActions
Related to Suricata - Task #4101: tracking: pluginsIn ProgressJason IshActions
Related to Suricata - Feature #3954: Optimize handling of encapsulation in cloud deploymentNewOISF DevActions
Related to Suricata - Feature #3306: Support AF_XDP capture methodClosedRichard McConnellActions
Related to Suricata - Optimization #4126: Threaded eve logging for output types other than regular file (socket, plugins, redis etc)ClosedJeff LucovskyActions
Related to Suricata - Feature #1199: protocol: LDAP supportClosedGiuseppe LongoActions
Related to Suricata - Bug #2224: Negated http_* match returns false if buffer not populatedIn ReviewPhilippe AntoineActions
Related to Suricata - Feature #4138: A stable flow ID for dump/restore of state as well as state synchronizationNewOISF DevActions
Related to Suricata - Feature #2448: Add additional buffers for DNS ResponsesNewOISF DevActions
Related to Suricata - Optimization #4141: file.data: inspect File objects for HTTPClosedJeff LucovskyActions
Related to Suricata - Task #4143: tracking: file.data improvementsAssignedJeff LucovskyActions
Related to Suricata - Feature #2487: Buffers for field/value pairs in http_uri and http_client_bodyNewOISF DevActions
Related to Suricata - Feature #2488: HTML Parsing / BuffersNewOISF DevActions
Related to Suricata - Feature #3494: rules: Keyword for determining if the http_host is an ip addressNewOISF DevActions
Related to Suricata - Feature #3285: rules: XOR keywordClosedPhilippe AntoineActions
Related to Suricata - Feature #3260: SMTP Base64 Decoding of Message BodyNewOISF DevActions
Related to Suricata - Feature #3261: SMTP quoted-printable Decoding of Message BodyNewOISF DevActions
Related to Suricata - Feature #2486: prefilter/fast_pattern logic for flowbitsIn ProgressVictor JulienActions
Related to Suricata - Feature #4089: rules: Flexible format transformAssignedJeff LucovskyActions
Related to Suricata - Task #4146: Research: Hand off packet streams on alertsNewCommunity TicketActions
Related to Suricata - Feature #4147: Map rules to MITRE ATT&CKFeedbackCommunity TicketActions
Related to Suricata - Feature #4148: Research: SSH Support for additional protocol analysisNewCommunity TicketActions
Related to Suricata - Feature #4149: Research: Dynamic datasetsFeedbackCommunity TicketActions
Related to Suricata - Feature #4150: Profiling mode: Ticks used to generate an alert available?NewCommunity TicketActions
Related to Suricata - Task #4151: Research: New protocol supportNewCommunity TicketActions
Related to Suricata - Task #4122: tracking: handle various TLS decrypt headers in proxies and decryption toolsAssignedVictor JulienActions
Related to Suricata - Feature #2755: vendor id / vid keyword to give rulesets unique sid rangesNewOISF DevActions
Related to Suricata - Bug #2190: apparent 1000 character limit in threshold.conf IP listsClosedJeff LucovskyActions
Related to Suricata - Feature #3887: yaml: Increase maximum size for address varsClosedJeff LucovskyActions
Related to Suricata - Feature #1096: tls: client certificate handlingClosedVictor JulienActions
Related to Suricata - Feature #4162: rules: entropy transform keywordNewCommunity TicketActions
Related to Suricata - Task #4165: rust: nom 7ClosedActions
Related to Suricata - Feature #4174: tracking: app-layer frame inspection supportIn ProgressVictor JulienActions
Related to Suricata - Feature #4175: dcerpc: higher level loggingNewCommunity TicketActions
Related to Suricata - Feature #273: IRC protocol detection supportNewCommunity TicketActions
Related to Suricata - Feature #776: rules: Add smtp_envelope and smtp_header keywordsAssignedOISF DevActions
Related to Suricata - Feature #120: Capture full session on alertClosedScott JordanActions
Actions #1

Updated by Victor Julien almost 4 years ago

  • Related to Task #3307: Research: evaluate future of lua support in Suricata added
Actions #2

Updated by Victor Julien almost 4 years ago

  • Related to Task #3329: Research: WASM as a Lua alternative and for dynamically loadable modules added
Actions #3

Updated by Victor Julien almost 4 years ago

  • Related to Task #2693: tracking: libsuricata added
Actions #4

Updated by Victor Julien almost 4 years ago

  • Related to Feature #4099: allow rule keyword registration from app-layer added
Actions #5

Updated by Jason Ish almost 4 years ago

Actions #6

Updated by Victor Julien almost 4 years ago

  • Related to Feature #3954: Optimize handling of encapsulation in cloud deployment added
Actions #7

Updated by Victor Julien almost 4 years ago

Actions #8

Updated by Jason Ish almost 4 years ago

  • Related to Optimization #4126: Threaded eve logging for output types other than regular file (socket, plugins, redis etc) added
Actions #9

Updated by Jason Ish almost 4 years ago

Actions #10

Updated by Jason Ish almost 4 years ago

  • Related to Bug #2224: Negated http_* match returns false if buffer not populated added
Actions #11

Updated by Jason Ish almost 4 years ago

  • Related to Feature #4138: A stable flow ID for dump/restore of state as well as state synchronization added
Actions #12

Updated by Jason Ish almost 4 years ago

  • Related to Feature #2448: Add additional buffers for DNS Responses added
Actions #14

Updated by Victor Julien almost 4 years ago

Actions #15

Updated by Victor Julien almost 4 years ago

  • Related to Task #4143: tracking: file.data improvements added
Actions #16

Updated by Jeff Lucovsky almost 4 years ago

  • Related to Feature #2487: Buffers for field/value pairs in http_uri and http_client_body added
Actions #17

Updated by Jeff Lucovsky almost 4 years ago

Actions #18

Updated by Jeff Lucovsky almost 4 years ago

  • Related to Feature #3494: rules: Keyword for determining if the http_host is an ip address added
Actions #19

Updated by Jeff Lucovsky almost 4 years ago

Actions #20

Updated by Jeff Lucovsky almost 4 years ago

  • Related to Feature #3260: SMTP Base64 Decoding of Message Body added
Actions #21

Updated by Jeff Lucovsky almost 4 years ago

  • Related to Feature #3261: SMTP quoted-printable Decoding of Message Body added
Actions #22

Updated by Jeff Lucovsky almost 4 years ago

  • Related to Feature #2486: prefilter/fast_pattern logic for flowbits added
Actions #23

Updated by Jeff Lucovsky almost 4 years ago

  • Related to Feature #4089: rules: Flexible format transform added
Actions #24

Updated by Jeff Lucovsky almost 4 years ago

  • Related to Task #4146: Research: Hand off packet streams on alerts added
Actions #25

Updated by Jeff Lucovsky almost 4 years ago

Actions #26

Updated by Jeff Lucovsky almost 4 years ago

  • Related to Feature #4148: Research: SSH Support for additional protocol analysis added
Actions #27

Updated by Jeff Lucovsky almost 4 years ago

Actions #28

Updated by Jeff Lucovsky almost 4 years ago

  • Related to Feature #4150: Profiling mode: Ticks used to generate an alert available? added
Actions #29

Updated by Jeff Lucovsky almost 4 years ago

  • Related to Task #4151: Research: New protocol support added
Actions #30

Updated by Victor Julien almost 4 years ago

  • Related to Task #4122: tracking: handle various TLS decrypt headers in proxies and decryption tools added
Actions #31

Updated by Jason Ish almost 4 years ago

  • Related to Feature #2755: vendor id / vid keyword to give rulesets unique sid ranges added
Actions #32

Updated by Jason Ish almost 4 years ago

  • Related to Bug #2190: apparent 1000 character limit in threshold.conf IP lists added
Actions #33

Updated by Jason Ish almost 4 years ago

  • Related to Feature #3887: yaml: Increase maximum size for address vars added
Actions #34

Updated by Victor Julien almost 4 years ago

  • Related to Feature #1096: tls: client certificate handling added
Actions #35

Updated by Victor Julien almost 4 years ago

  • Related to Feature #4162: rules: entropy transform keyword added
Actions #36

Updated by Victor Julien almost 4 years ago

Actions #37

Updated by Victor Julien almost 4 years ago

  • Related to Feature #4174: tracking: app-layer frame inspection support added
Actions #38

Updated by Victor Julien almost 4 years ago

Actions #39

Updated by Victor Julien almost 4 years ago

  • Related to Feature #273: IRC protocol detection support added
Actions #40

Updated by Victor Julien almost 4 years ago

  • Related to Feature #776: rules: Add smtp_envelope and smtp_header keywords added
Actions #41

Updated by Jason Ish almost 4 years ago

  • Related to Feature #120: Capture full session on alert added
Actions #42

Updated by Victor Julien about 3 years ago

  • Parent task set to #4763
Actions #43

Updated by Victor Julien over 2 years ago

  • Status changed from New to Assigned
Actions #44

Updated by Philippe Antoine 4 months ago

  • Target version set to TBD
Actions

Also available in: Atom PDF