{"id":148,"date":"2023-12-06T17:44:52","date_gmt":"2023-12-06T12:14:52","guid":{"rendered":"https:\/\/hackzone.in\/blog\/?p=148"},"modified":"2024-08-25T19:31:57","modified_gmt":"2024-08-25T14:01:57","slug":"suricata-7-features-you-need-to-know","status":"publish","type":"post","link":"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/","title":{"rendered":"Suricata 7 Features You Need to Know"},"content":{"rendered":"\n<p>I am going to update you about much-anticipated release of Suricata 7, marking a significant milestone in the evolution of this high-performance Network Threat Detection, IDS, IPS, and Network Security Monitoring engine. The development team at the Open Information Security Foundation (OISF) and the vibrant community have worked tirelessly to bring forth a host of new features, performance improvements, and security enhancements.<\/p>\n\n\n  \r\n    \r\n<div id=\"wpj-jtoc\" class=\"wpj-jtoc wpj-jtoc--main --jtoc-the-content --jtoc-theme-original --jtoc-title-align-left --jtoc-toggle-icon --jtoc-toggle-position-right --jtoc-toggle-1 --jtoc-has-numeration --jtoc-numeration-legacy --jtoc-has-custom-styles --jtoc-is-unfolded --jtoc-align-left\" >\r\n  <!-- TOC -->\r\n        <div class=\"wpj-jtoc--toc wpj-jtoc--toc-inline \" >\r\n              <div class=\"wpj-jtoc--header\">\r\n        <div class=\"wpj-jtoc--header-main\">\r\n                    <div class=\"wpj-jtoc--title\">\r\n                        <span class=\"wpj-jtoc--title-label\">Table of contents<\/span>\r\n          <\/div>\r\n                                <div class=\"wpj-jtoc--toggle-wrap\">\r\n                                                          <div class=\"wpj-jtoc--toggle-box\">\r\n                  <div class=\"wpj-jtoc--toggle\"><\/div>\r\n                <\/div>\r\n                          <\/div>\r\n                  <\/div>\r\n      <\/div>\r\n            <div class=\"wpj-jtoc--body\">\r\n            <nav class=\"wpj-jtoc--nav\">\r\n        <ol 
Minimum Supported Rust Version<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-26\" href=\"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/#3_Library_Updates\" >3. Library Updates<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Main_Features\"><\/span>Main Features<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-table is-style-stripes\"><table class=\"has-accent-color has-text-color has-link-color has-fixed-layout\"><thead><tr><th class=\"has-text-align-left\" data-align=\"left\">Feature\/Aspect<\/th><th>Suricata 6<\/th><th>Suricata 7<\/th><\/tr><\/thead><tbody><tr><td class=\"has-text-align-left\" data-align=\"left\"><\/td><td><\/td><td><\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Packet Processing<\/strong><\/td><td>DPDK IDS\/IPS 50 support<\/td><td>DPDK IDS\/IPS 60 support for primary mode<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>HTTP\/HTTP2 Inspection<\/strong><\/td><td>Basic header inspection<\/td><td>New keywords added for header inspection<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>TLS Enhancements<\/strong><\/td><td>&#8211;<\/td><td>Client certificate logging and detection<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Bittorrent Support<\/strong><\/td><td>Not available<\/td><td>Bittorrent parser added by Aaron Bungay<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>IPS Default Behavior<\/strong><\/td><td>Exception policies default to &#8220;Pass&#8221;<\/td><td>Exception policies default to &#8220;Drop&#8221;<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>EVE Logging<\/strong><\/td><td>&#8211;<\/td><td>Documented and validated with a JSON schema<\/td><\/tr><tr><td class=\"has-text-align-left\" 
data-align=\"left\"><strong>Performance Improvements<\/strong><\/td><td>&#8211;<\/td><td>Various performance-related counters, stream buffer optimization<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Security Enhancements<\/strong><\/td><td>&#8211;<\/td><td>Linux Landlock support, setrlimit usage to prevent process creation<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Network Protocols<\/strong><\/td><td>Limited protocol support<\/td><td>QUICv1, GQUIC, PostgreSQL, HTTP\/2 improvements<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Rules and Keywords<\/strong><\/td><td>Basic rule keywords<\/td><td>New rule keywords for DHCP, Kerberos, SNMP, TLS, QUIC<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Output and Logging<\/strong><\/td><td>Limited conditional packet capture<\/td><td>Conditional packet capture, new &#8220;stream&#8221; EVE output type<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Dev Corner Updates<\/strong><\/td><td>Not specified<\/td><td>Total code changes, stricter C compiler flags, Rust parser upgrades<\/td><\/tr><tr><td class=\"has-text-align-left\" data-align=\"left\"><strong>Upgrade Notes<\/strong><\/td><td>&#8211;<\/td><td>Pcre2 integration, minimum supported Rust version update, library changes<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"1_Enhanced_Packet_Processing_with_DPDK_IDSIPS_Support\"><\/span>1. <strong>Enhanced Packet Processing with DPDK IDS\/IPS Support<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Suricata 7 introduces DPDK IDS\/IPS 60 support for primary mode, enhancing packet processing capabilities and ensuring optimal performance.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"2_Advanced_AF_XDP_IDS_Support\"><\/span>2. 
<strong>Advanced AF_XDP IDS Support<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Richard McConnell at Rapid7 contributes AF_XDP IDS 30 support, further expanding the engine&#8217;s capabilities for efficient and high-speed packet processing.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"3_Extended_HTTPHTTP2_Inspection\"><\/span>3. <strong>Extended HTTP\/HTTP2 Inspection<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>New keywords for header inspection in HTTP\/HTTP2 protocols provide enhanced visibility and control over web traffic.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"4_TLS_Improvements\"><\/span>4. <strong>TLS Improvements<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Suricata 7 brings client certificate logging and detection in TLS, bolstering security measures for encrypted communications.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"5_Bittorrent_Parser\"><\/span>5. <strong>Bittorrent Parser<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Aaron Bungay contributes a Bittorrent parser, adding support for this popular peer-to-peer file-sharing protocol.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"6_Improved_IPS_Default_DROP_Behavior\"><\/span>6. <strong>Improved IPS Default DROP Behavior<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Exception policies now default to DROP behavior, enhancing the default security stance for intrusion prevention.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"7_EVE_Documentation_and_Validation\"><\/span>7. 
<strong>EVE Documentation and Validation<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Event (EVE) logging is documented and validated with a JSON schema, ensuring comprehensive and standardized event reporting.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"8_Performance_Improvements_Across_the_Board\"><\/span>8. <strong>Performance Improvements Across the Board<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Suricata 7 boasts numerous performance improvements, including optimizations in file data processing, SMB, hash calculation, and flow management.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"9_Stream_Buffer_Efficiency\"><\/span>9. <strong>Stream Buffer Efficiency<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The stream buffer, utilized by the stream engine, file tracking, and more, is now more memory-efficient, contributing to overall system optimization.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Secure_Deployment_and_Security_Enhancements\"><\/span>Secure Deployment and Security Enhancements<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"1_Linux_Landlock_Support\"><\/span>1. <strong>Linux Landlock Support<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Eric Leblond introduces Linux Landlock support, enhancing the security posture of Suricata deployments.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"2_Secure_Settings_by_Default\"><\/span>2. 
<strong>Secure Settings by Default<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Suricata 7 defaults to secure settings for Datasets and Lua, ensuring a robust and secure configuration out of the box. Deployments whose rules depend on Lua scripts or on writing datasets should check these settings when upgrading, because such rules may no longer load or behave as they did before.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"3_Network_Service_Header\"><\/span>3. <strong>Network Service Header<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The addition of Network Service Header enhances network service identification, contributing to a more secure network environment.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Protocol_and_Rules_Updates\"><\/span>Protocol and Rules Updates<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"1_Expanded_Protocol_Support\"><\/span>1. <strong>Expanded Protocol Support<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Suricata 7 adds support for QUICv1, GQUIC, PostgreSQL, VN-Tag, and IKEv1, among others, expanding the range of supported protocols.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"2_Rule_Keywords_and_Rule_Set_Updates\"><\/span>2. <strong>Rule Keywords and Rule Set Updates<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>New rule keywords for DHCP, Kerberos, SNMP, TLS, and QUIC have been introduced, along with an experimental class of keywords exposed through the &#8220;frames API&#8221;.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"3_IPS_Exception_Policies\"><\/span>3. 
<strong>IPS Exception Policies<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Exception policies have been added to provide better control over packet handling, especially in conditions like hitting memory caps. Because these policies default to DROP in IPS mode, review the exception-policy settings before upgrading an inline deployment, so that reaching a memory cap does not block traffic unexpectedly.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Output_and_Dev_Corner\"><\/span>Output and Dev Corner<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"1_Flexible_Packet_Capture\"><\/span>1. <strong>Flexible Packet Capture<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Conditional packet capture allows packets to be written to disk only after an alert has been triggered, providing flexibility in capturing relevant data.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"2_Enhanced_Logging_and_Debugging\"><\/span>2. <strong>Enhanced Logging and Debugging<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The new &#8220;stream&#8221; EVE output type facilitates debugging of the stream engine, and engine verdicts on rejected\/dropped\/passed packets are now logged for improved visibility.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"3_Development_Corner_Updates\"><\/span>3. 
<strong>Development Corner Updates<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Suricata 7 includes total code changes, stricter C compiler flags, expanded CI, upgraded Rust parsers, and more, demonstrating a commitment to continuous improvement.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Upgrade_Notes\"><\/span>Upgrade Notes<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"1_Pcre2_Integration\"><\/span>1. <strong>Pcre2 Integration<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Suricata 7.0 now uses pcre2 instead of pcre1 for regular expression matching.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"2_Minimum_Supported_Rust_Version\"><\/span>2. <strong>Minimum Supported Rust Version<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The MSRV (minimum supported Rust version) has been raised to 1.63.0, up from the 1.41.1 minimum in Suricata 6.0.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"3_Library_Updates\"><\/span>3. <strong>Library Updates<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Support for Prelude (libprelude) has been removed, and Suricata 7.0 requires and bundles libhtp 0.5.45.<\/li>\n<\/ul>\n\n\n\n<p>For more detailed information on upgrading from Suricata 6 to 7, refer to the official documentation on upgrading from 6 to 7: <a href=\"https:\/\/github.com\/OISF\/suricata\/blob\/master\/Upgrading\">https:\/\/github.com\/OISF\/suricata\/blob\/master\/Upgrading<\/a>.<\/p>\n\n\n\n<p>In conclusion, Suricata 7 represents a substantial step forward in network security, with its comprehensive feature set, improved performance, and heightened security measures. 
The development team and the community continue to demonstrate their dedication to providing a robust and cutting-edge open-source security solution.<\/p>\n\n\n\n<p>To experience the power of Suricata 7 firsthand, download the latest release <a href=\"https:\/\/suricata-ids.org\/download\/\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>I am going to update you about much-anticipated release of Suricata 7, marking a significant milestone in the evolution of this high-performance Network Threat Detection, IDS, IPS, and Network Security Monitoring engine. The development team at the Open Information Security Foundation (OISF) and the vibrant community have worked tirelessly to bring forth a host of [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4,6],"tags":[],"class_list":["post-148","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","category-network-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Suricata 7 Features You Need to Know - Hackzone Cyber Security Blog<\/title>\n<meta name=\"description\" content=\"Explore the latest Suricata 7 features, including advanced protocols, performance improvements, and enhanced security measures. 
Upgrade your network security with the cutting-edge capabilities of Suricata 7.0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Suricata 7 Features You Need to Know - Hackzone Cyber Security Blog\" \/>\n<meta property=\"og:description\" content=\"Explore the latest Suricata 7 features, including advanced protocols, performance improvements, and enhanced security measures. Upgrade your network security with the cutting-edge capabilities of Suricata 7.0\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/\" \/>\n<meta property=\"og:site_name\" content=\"Hackzone Cyber Security Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/hackzone.in\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-06T12:14:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-25T14:01:57+00:00\" \/>\n<meta name=\"author\" content=\"Hack Zone\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Hack Zone\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-7-features-you-need-to-know\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-7-features-you-need-to-know\\\/\"},\"author\":{\"name\":\"Hack Zone\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#\\\/schema\\\/person\\\/21baa23c7ede39c1a491da2e47566bce\"},\"headline\":\"Suricata 7 Features You Need to Know\",\"datePublished\":\"2023-12-06T12:14:52+00:00\",\"dateModified\":\"2024-08-25T14:01:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-7-features-you-need-to-know\\\/\"},\"wordCount\":766,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#organization\"},\"articleSection\":[\"CyberSecurity\",\"Network Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-7-features-you-need-to-know\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-7-features-you-need-to-know\\\/\",\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-7-features-you-need-to-know\\\/\",\"name\":\"Suricata 7 Features You Need to Know - Hackzone Cyber Security Blog\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#website\"},\"datePublished\":\"2023-12-06T12:14:52+00:00\",\"dateModified\":\"2024-08-25T14:01:57+00:00\",\"description\":\"Explore the latest Suricata 7 features, including advanced protocols, performance improvements, and enhanced security measures. 
Upgrade your network security with the cutting-edge capabilities of Suricata 7.0\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-7-features-you-need-to-know\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-7-features-you-need-to-know\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/suricata-7-features-you-need-to-know\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Suricata 7 Features You Need to Know\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/\",\"name\":\"Hackzone Cyber Security\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#organization\",\"name\":\"Hackzone Cyber Security\",\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/logo-light.png\",\"contentUrl\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/02\\\/logo-light.png\",\"width\":438,\"height\":142,\"caption\":\"Hackzone Cyber 
Security\"},\"image\":{\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/hackzone.in\",\"https:\\\/\\\/www.instagram.com\\\/hackzone_in\\\/\",\"https:\\\/\\\/wa.me\\\/918700832498\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/#\\\/schema\\\/person\\\/21baa23c7ede39c1a491da2e47566bce\",\"name\":\"Hack Zone\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g\",\"caption\":\"Hack Zone\"},\"sameAs\":[\"http:\\\/\\\/hackzone.in\\\/blog\"],\"url\":\"https:\\\/\\\/hackzone.in\\\/blog\\\/author\\\/abdulsamad\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Suricata 7 Features You Need to Know - Hackzone Cyber Security Blog","description":"Explore the latest Suricata 7 features, including advanced protocols, performance improvements, and enhanced security measures. Upgrade your network security with the cutting-edge capabilities of Suricata 7.0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/","og_locale":"en_US","og_type":"article","og_title":"Suricata 7 Features You Need to Know - Hackzone Cyber Security Blog","og_description":"Explore the latest Suricata 7 features, including advanced protocols, performance improvements, and enhanced security measures. 
Upgrade your network security with the cutting-edge capabilities of Suricata 7.0","og_url":"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/","og_site_name":"Hackzone Cyber Security Blog","article_publisher":"https:\/\/www.facebook.com\/hackzone.in","article_published_time":"2023-12-06T12:14:52+00:00","article_modified_time":"2024-08-25T14:01:57+00:00","author":"Hack Zone","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Hack Zone","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/#article","isPartOf":{"@id":"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/"},"author":{"name":"Hack Zone","@id":"https:\/\/hackzone.in\/blog\/#\/schema\/person\/21baa23c7ede39c1a491da2e47566bce"},"headline":"Suricata 7 Features You Need to Know","datePublished":"2023-12-06T12:14:52+00:00","dateModified":"2024-08-25T14:01:57+00:00","mainEntityOfPage":{"@id":"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/"},"wordCount":766,"commentCount":0,"publisher":{"@id":"https:\/\/hackzone.in\/blog\/#organization"},"articleSection":["CyberSecurity","Network Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/","url":"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/","name":"Suricata 7 Features You Need to Know - Hackzone Cyber Security Blog","isPartOf":{"@id":"https:\/\/hackzone.in\/blog\/#website"},"datePublished":"2023-12-06T12:14:52+00:00","dateModified":"2024-08-25T14:01:57+00:00","description":"Explore the latest Suricata 7 features, including advanced protocols, performance improvements, and enhanced security measures. 
Upgrade your network security with the cutting-edge capabilities of Suricata 7.0","breadcrumb":{"@id":"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/hackzone.in\/blog\/suricata-7-features-you-need-to-know\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/hackzone.in\/blog\/"},{"@type":"ListItem","position":2,"name":"Suricata 7 Features You Need to Know"}]},{"@type":"WebSite","@id":"https:\/\/hackzone.in\/blog\/#website","url":"https:\/\/hackzone.in\/blog\/","name":"Hackzone Cyber Security","description":"","publisher":{"@id":"https:\/\/hackzone.in\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/hackzone.in\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/hackzone.in\/blog\/#organization","name":"Hackzone Cyber Security","url":"https:\/\/hackzone.in\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hackzone.in\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/hackzone.in\/blog\/wp-content\/uploads\/2023\/02\/logo-light.png","contentUrl":"https:\/\/hackzone.in\/blog\/wp-content\/uploads\/2023\/02\/logo-light.png","width":438,"height":142,"caption":"Hackzone Cyber Security"},"image":{"@id":"https:\/\/hackzone.in\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/hackzone.in","https:\/\/www.instagram.com\/hackzone_in\/","https:\/\/wa.me\/918700832498"]},{"@type":"Person","@id":"https:\/\/hackzone.in\/blog\/#\/schema\/person\/21baa23c7ede39c1a491da2e47566bce","name":"Hack 
Zone","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/acec7ddf53542a85652c7291cc980df70e8e731cdc8bdc2fcd19bad8c0c2b9bb?s=96&d=mm&r=g","caption":"Hack Zone"},"sameAs":["http:\/\/hackzone.in\/blog"],"url":"https:\/\/hackzone.in\/blog\/author\/abdulsamad\/"}]}},"_links":{"self":[{"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/posts\/148","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/comments?post=148"}],"version-history":[{"count":2,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/posts\/148\/revisions"}],"predecessor-version":[{"id":151,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/posts\/148\/revisions\/151"}],"wp:attachment":[{"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/media?parent=148"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/categories?post=148"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackzone.in\/blog\/wp-json\/wp\/v2\/tags?post=148"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}