Suricata 8 Is Here, Powerfully Supported by Enea

If you work in network security, you probably already know Suricata. It’s been the go-to open-source engine for network threat detection for years, and now it just got a major upgrade with Suricata 8.

At Enea, we’re thrilled to be part of this moment. We’ve renewed our Gold-level partnership with the Open Information Security Foundation (OISF), the nonprofit behind Suricata, and we’re continuing to contribute both funding and deep technical expertise to help keep Suricata freely available and moving forward for the global security community.

We’ve always believed in Suricata, and we appreciate the unique value Suricata brings to Enea’s Qosmos Threat Detection SDK (TD-SDK), which is a C library that makes it easy to incorporate DPI-based threat and intrusion detection into networking and security products.

Why Suricata + Enea Is a Game-Changer

Here’s why this combination matters.

Suricata brings world-class threat detection rules.
Enea brings deep packet inspection (DPI) visibility that shows exactly what traffic is flowing through the network.

  • Improved detection accuracy: The combination of Suricata + Enea DPI helps ensure rules are applied correctly even when bad actors try to hide behind spoofing or tunneling.
  • Reduced false positives: DPI context is an excellent tool for filtering out noise.
  • More efficient investigations: Suricata-raised alerts are complemented with DPI network insights, enabling faster alert resolution.
  • Flexible customization: The SDK format supports tight, bespoke integration into third-party applications.
  • Enhanced performance & scaling: The combination of Suricata + Enea DPI eliminates duplicate packet parsing and features optimizations for commercial-grade deployments on multiple use cases.

Suricata 8 makes this combo even stronger

Among many enhancements, version 8 features the largest expansion of detection keywords to date, with the addition of 107 new keywords. It also introduces a new ‘JSON Data for Datasets’ feature that enables contextual insights about Indicators of Compromise (IoCs) to be inserted directly into alert records.

Enhancements like these, together with granular traffic intelligence from Enea’s DPI engine (Enea Qosmos ixEngine), will drive IDS innovation and shape Enea’s TD SDK, making it an unbeatable tool for delivering advanced intrusion detection systems at scale.

Suricata 8 is raising the bar for open-source threat detection.
With Enea, it goes even higher.

To find out more about Qosmos TD SDK and how the combination of Suricata and Enea’s DPI boosts network security solution performance, click here.

Or meet with us at SuriCon 2025!

Join (Mohamed) Amine Larabi, VP R&D, Arezki Laga, Senior Research Engineer & Innovation Lead, and myself, Michael Neiswender, Sales Director, at SuriCon, the Suricata community conference (19 – 21 November, Montreal).

Amine and Arezki will present a session at the SuriCon conference on how to detect evolving malware without having to continuously create new rules by using a signature-based approach.

To find out more or to book a meeting, click here.

Suricata 8 and Enea DPI: Raising the bar for threat detection