<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2180921&amp;fmt=gif">

Slides and video of "Suricata and eBPF" talk

by Eric Leblond | Oct 11, 2016 | Suricata, Events

Eric Leblond gave a talk entitled "The adventures of a Suricata in eBPF land" at netdev 1.2, the Technical Conference on Linux Networking. This talk reviewed Stamus Networks' work in the field of bypass and showed how the eBPF technology can be used to implement this feature.

eBPF is a technology that extends the traditional Berkeley Packet Filter that you can for example use with tcpdump. For instance eBPF filter can be written in a subset of C and allows kernel and userspace to share data via maps that can be for example an array or hash table. This technology has been used to implement a kernel bypass in Suricata. The idea is that Suricata is asking the Linux kernel to stop sending  it (bypass) packets for particular flow once it has decided that no further inspection is needed to be done.

For detailed information on the subject, you can get the Slides of "Suricata and eBPF" or watch the video that is already available thanks to the great work of Netdev team:



Eric Leblond

Éric Leblond is the co-founder and chief technology officer (CTO) at Stamus Networks. He sits on the board of directors at Open Network Security Foundation (OISF). Éric has more than 15 years of experience as co-founder and technologist of cybersecurity software companies and is an active member of the security and open-source communities. He has worked on the development of Suricata – the open-source network threat detection engine – since 2009 and is part of the Netfilter Core team, responsible for the Linux kernel's firewall layer. Eric is a respected expert and speaker on all things network security. Éric resides in Escalles, France.

Schedule a Demo of Clear NDR


Related posts

Stamus Networks at Black Hat Europe 2024

Stamus Networks is excited to return to Black Hat Europe 2024 at Excel London, United Kingdom 9-12...

Stamus Networks at Suricon 2024

Each year, Suricon attracts visitors from around the world for three days of training and...

See Stamus Networks at an Event Near You!

Stamus Networks is excited to announce that our co-founders Éric Leblond (Chief Technology Officer)...