i’m new to Suricata and IDS/IPS.
I’m thinking of protecting some hosts with Suricata. I think that the quality of an IDS stands and falls with the quality and up-to-dateness of the rules. Correct ?
How often are the rules for Suricata updated ? Can i automate the procedure of updating the rules ?