Roland Turner


From Snort to SOHO: Why the Blue Team Belongs to Everyone

Raspberry Pi or a small NUC beside a SOHO-grade WiFi router, and an EveBox screenshot in the background

I spent years building commercial security appliances. Here is why Shivani Bhardwaj’s return to FOSSASIA supports the shift in who owns network defense.

In the early 2000s, I served as CTO of CounterSnipe. Our core business was building Network Intrusion Prevention System (NIPS) appliances. At the time, the industry revolved around Snort. It was the engine that powered the sector, and for many years, if you wanted serious traffic analysis, you bought a black box appliance and hired a team to watch it. Today the landscape of network defense is shifting. The boundary between enterprise security and personal privacy is dissolving.

The Enterprise-Only Myth

There is a long-standing assumption that Intrusion Detection Systems (IDS) are too complex for smaller deployments. The argument goes that without a dedicated Security Operations Center (SOC), the data is useless.

I disagree. And it seems the Open Information Security Foundation (OISF) does too. Yesterday, the Suricata team hosted a webinar specifically on Suricata in Homelab and SOHO, validating a growing trend: individuals and small organizations are no longer content to rely on opaque ISP routers or basic firewalls. They want the same visibility that the banks have. They want to see the traffic on their own wire.

The Governance Advantage

This democratization is why I am so pleased to include Suricata in this year’s track.

Unlike the tools of my CounterSnipe days, Suricata is backed by a non-profit foundation (OISF). This matters. In my talk last year on addressing the limits of the F/OSS approach, I identified housing F/OSS projects in foundations as one of the mechanisms for ensuring that a project serves its community, not just a vendor’s shareholders.

Governance is a security feature. In this case it ensures that the eyes of the network remain open.

Welcome Back: Shivani Bhardwaj

This brings me to our speaker. I am delighted to welcome Shivani Bhardwaj back to the FOSSASIA Summit (she previously spoke in 2024, also on Suricata).

Shivani is the ideal person to bridge the gap between hardcore engineering and community access:

She understands that building a tool is only half the battle; teaching people to use it is equally important.

The Session: Hands-On Defense

On Monday, March 9, Shivani is leading a session titled “A demonstration of hands-on network security with Suricata”.

This is not a sales pitch. It is a practitioner’s workshop designed to turn you into the analyst. She will cover:

Why This Matters

You don’t need a SOC to benefit from better visibility. Whether you are a student, a privacy advocate, or a sysadmin, you have the right to understand what is entering and leaving your network.

Come to Bangkok to learn the tool. Stay to support the community that keeps it open.

Join Us