Suricata’s 2nd Annual User Conference
November 9–11, 2016
The Hamilton Crowne Plaza

Reserve Your Conference Space Now



Ron Gula

Chairman of the Board at Tenable

Ron is a recognized leader in cybersecurity. He began at the National Security Agency conducting penetration tests of government networks and doing vulnerability research. He authored the Dragon Intrusion Detection System, was CTO of Network Security Wizards, and Director of Risk Mitigation for USinternetworking. While at BBN Technologies and GTE Internetworking, he developed security policies for large carrier-class networks. Ron serves on the UMD Cybersecurity Center Advisory Board and the National Cybersecurity STEM Education Advisory Board.

Liam Randall

Critical Stack / Capital One Bank / Hack Secure

With a career spanning 20 years, Liam is a passionate supporter and contributor to many open source communities. An early supporter of the Bro project, he has trained 1000’s of students in the principles of Network Security Monitoring and large scale network monitoring. As a serial entrepreneur he has founded multiple network security related startups, including Critical Stack, which was recently acquired by Capital One Bank. While still leading Critical Stack he is serving as a board member at the security startup accelerator Hack Secure advising seed stage startups where he continues to support open source security with investments in companies such as Kolide, the OS Query company. Find him online at

Doug Burks

CEO at Security Onion

Doug started Security Onion in 2008 to provide a comprehensive platform for intrusion detection, network security monitoring, and log management. Today, Security Onion has over 200,000 downloads and is being used by organizations around the world to help monitor and defend their networks. In 2014, Doug started Security Onion Solutions LLC to help those organizations by providing commercial support and training. Doug is a CEO, public speaker, teacher, former president of the Greater Augusta ISSA, and co-founder of BSides Augusta, but what he really likes the most is catching bad guys.

Pierre Chifflier

Head of the Intrusion Detection Lab (LED) at ANSSI (French National Information Security Agency)

Pierre is interested in various security topics such as Operating Systems, boot sequence, compilers and languages, and new intrusion detection methods. He’s also trying to link all these topics by improving detection tools, writing safe parsers and deploying tools in a secure architecture. He is also a Debian Developer and has been involved in Free Software for many years.

Andras Iklody

Software Developer at CIRCL

Andras has been the main developer of the Malware Information Sharing Platform since the beginning of 2013. He is a firm believer that there are no problems that cannot be tackled by building the right tool.

Victor Julien

Founder & Lead Programmer at OISF

Victor has been active as a software developer in the infosec community for many years. He is the creator of the Vuurmuur firewall project, has been one of the developers at the Snort_inline IPS project. Victor has spent the last years doing contract development on Open Source security software including significant additions to Snort. At the end of 2007 he started development on the OISF codebase on which he now leads the development effort. Victor maintains a blog at and uses twitter at

Geoff Langdale

Principal Engineer at Intel Corporation

Geoff received a PhD from Carnegie Mellon in 2003 and subsequently at CMU, the University of Sydney and Sensory Networks. He was Chief Technology Officer of Sensory Networks and designed the Hyperscan pattern matching engine, leading to several design wins with Tier 1 security vendors and Sensory Networks’ acquisition by Intel Corporation in 2013. He has worked in automata theory, compiler technology and low-level optimization across a range of architectures. Geoff continues to lead development of Hyperscan at Intel.

Eric Leblond

CEO at Stamus Networks, Core Team Member at OISF

Eric is an active member of the security and open source communities. He is a Netfilter Core Team member working mainly on communications between kernel and userland. He works on the development of Suricata, the open source IDS/IPS since 2009 and he is currently one of the Suricata core developers. He is also one of the founders of Stamus Networks, a company providing security solutions based on Suricata.

Peter Manev

Lead QA at OISF
& Security Solution Architect

Peter has 15 years experience in the IT industry, including enterprise level IT security practice. An adamant admirer and explorer of innovative open source security software, Peter is currently a Security Solution Architect. He maintains some additional info points of interest about Suricata:,, and

Will Metcalf

Co-Founder at OISF

Will comes from the government and law enforcement IT Security sector with over nine years experience. In addition Will has had involvement with various open source projects over the years including snort_inline and maintains a blog at In 2012 Will joined the Emerging Threats Pro team as well.

Kelley Misata

Executive Director at OISF

Kelley combines over 15 years in business with a passion for facilitating conversations around responsible digital citizenship, digital safety, and free speech online. Kelley combines her skill in strategic business development with a unique perspective as a survivor of cyberstalking. Drawing on current trends and conversations in digital security with local and federal law enforcement, information security experts and national resources she creates strategies incorporating the human side of information security. Kelley holds a BS in Marketing, an MBA and a PhD in Information Security from Purdue.

Cooper Nelson

Network Security Analyst at UC San Diego

Cooper has twenty years experience in IT and InfoSec, including stints at Bell Labs, AT&T Research, CerfNet, start-ups and grant-funded research projects. He has spent the last 12 years attempting to manage the unmanageable, providing penetration testing, intrusion detection and incident response services for the largest network in San Diego, UC San Diego.

James Pleger

Head of Research at RiskIQ

James focuses his efforts on improving customers’ lives by taking an outside-in approach to security. Part of this effort is ensuring that ad networks and exchanges are able to combat malware and other sources of malicious activities. Additionally, his team focuses on bringing new technologies and detection methodologies to help ensure that they are keeping up with the evolving threat landscape.

Michal Purzynski

Senior Network Security Engineer
at Mozilla Corporation

Michal is part of the Enterprise Information Security team at Mozilla. He protects the Fox. The Firefox. From bad actors. He has designed and deployed the NSM stack in Mozilla datacenters, offices, and cloud. He is one of a two-person team who watches the alerts and reacts, helps with the DFIR, and works closely with the Network Operations team, helping them to review the network architecture (which is changing all the time) from a security point of view.

Zach Rasmor

Senior Software Engineer at Lockheed Martin Computer Incident Response Team

Zach develops a wide variety of custom tools and capabilities to support a large team of analysts. Zach has an ME in Electrical/Computer Engineering from the University of Colorado Boulder, and a BS in Electrical Engineering from the University of Washington.

Jon Schipp

Security Architect at Komand, President at Draconyx, founder & chair at OpenNSM

Jon is the author of ISLET and other tools as well as a contributor to many Free and Open Source Projects including The Netsniff-NG Toolkit, SecurityOnion, and the Bro Project. He has been fortunate enough to have audiences at various conferences including DerbyCon, AIDE, Hack3rCon, BroCon, XSEDE, MOSSCon, and more. He spends his leisure time dabbling in ideas from the social sciences, playing music, building large guitar rigs, and is always down for a game of recreational volleyball.

Charles-H. Schulz

Project Manager at ANSSI (French National Information Security Agency)

Charles-H. is a French technologist, cybersecurity expert, Free Software and Open Standards advocate. A long time contributor to the project, he helped it grow to over a hundred communities and teams. He contributed to the development of the OpenDocument Format standard through the company he co-founded, Ars Aperta. A former director of the OASIS Consortium, he has engaged in digital public policy debates. He is a founding member and former director of the Document Foundation.

Darren Spruell

Threat Researcher at RiskIQ

Darren leads threat response and analysis efforts with the help of RiskIQ’s expansive data set. He has held positions in various industries, leading threat intelligence and incident response initiatives for internal security operations groups and collaborating with external partners and communities. His most recent focus has been in the web threat space, tracking tooling and activity of actors in the malicious traffic distribution space and browser exploit kits.

Gene Stevens

CTO at ProtectWise

Gene is also co-founder of ProtectWise, a startup in the security industry that is disrupting the space with an integrated solution with complete detection and visibility of enterprise threats and accelerated incident response. He has more than 20 years’ experience in software development, cloud computing, security-as-a-service and distributed systems. Prior to founding ProtectWise, he was founder and CTO at TagLabs, a mobile tagging company, and served in senior engineering roles at McAfee, MX Logic and GDX.

Anthony Tellez

Senior Consultant at Splunk

Anthony helps customers leverage Splunk to gain operational intelligence. He has a background in cyber security and international relations. His interests include IoTs, machine learning, cyber warfare, and pen-testing. His previous roles include cloud strategy, data governance, product development, and geospatial analysis. Anthony developed the Splunk TA for Suricata, which integrates Suricata with Splunk for realtime analysis and correlation.

Seth Walters

Senior Research Scientist at Georgia Tech Research Institute

Seth is a senior research scientist at the Georgia Tech Research Institute with a professional focus on cryptography and cybersecurity. He holds an MS in computer science from Johns Hopkins University and a BA in mathematics from Cornell University.

Rich Welch

Senior Software Engineer at ProtectWise

Rich is a senior software engineer at ProtectWise, where he focuses on realtime processing.  His background is high performance computing and machine learning.  He holds MS degrees in Electrical Engineering and Computer Engineering and a BS in Computer Science from Missouri University of Science & Technology.

David Wharton

Security Researcher at SecureWorks Counter Threat Unit

David’s past experience includes penetration testing and intrusion detection and prevention for a top US bank. Now he researches the latest vulnerabilities and threats, and crafts, tests, and deploys Suricata and Snort rules for client devices, protecting them across diverse industries. With more than 15 years’ experience in IT, David is a big supporter of Suricata from its inception, excited by its past success, current community, and bright future. He holds a BS in Computer Science and an MS in Information Security from Georgia Tech.






Intel Corporation






Endace logo





Protectwise Logo

Accolade Technology


David Baumann

Travis Green

Duane Howard

Arun Moothedath

Jack Mott

Brandon Murphy

Netsecuris, Inc.

Arne Oslebo

Michal Purzynski

Michael Shirk

Ted Skinner

Andrew Thornton

Anthony Verez

Ed Sealing



There is a $150 attendance fee for the 3-day conference.

Register Now!


The Hamilton Crowne Plaza, Washington, DC
14th and K Street, NW
Washington, DC 20005
t: 1 800 227 6963


The Hamilton is providing a block of discounted rooms. Space is limited.



Contact Us
For more information
send us an email:

Suricata Training

Add to your conference experience by joining us two days early for a 2-day Suricata training event. Developers and security professionals will have 1:1 time with Suricata’s development team and will walk away with a greater proficiency in Suricata’s core technology. Registered conference attendees will receive a 20% discount on the training event.



Suricata - an open source, high performance Network IDS, IPS and Network Security Monitoring engine.

Suricata is a high performance Network IDS, IPS and Network Security Monitoring engine. It is open source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF and its supporting vendors.