29.03, 9:30–10:25 (Europe/Prague), Track II
Language: Czech
Intrusion Detection and Prevention Systems don’t have to be expensive or complex. This session demonstrates how open-source tools like Suricata make network monitoring accessible for small offices, home labs, and SOHO environments using affordable hardware.
Learn practical deployment approaches and automated alerting workflows, and see a live demo showing how Suricata detects malicious activity during a phishing attack.
Intrusion Detection and Prevention Systems (IDS/IPS) are often seen as enterprise-only tools, but they don't have to be costly or complex. Open-source solutions like Suricata make network monitoring accessible for small offices, home offices (SOHO), and even personal home labs, often for under €100 using everyday hardware.
In this session, we'll explore why network monitoring is essential in these environments, especially for incident response, where traditional endpoint logs (antivirus, Windows events) are frequently insufficient or already deleted. We'll cover affordable deployment options, including managed switches or MikroTik routers for traffic mirroring, and low-power devices like thin clients to run Suricata alongside lightweight SIEM tools. You'll see a live setup on Alpine Linux, with automated pipelines for log collection, analysis, and real-time alerts sent via webhooks to Discord, Telegram, Slack, or Teams.
The session wraps up with a quick demo of a phishing attack involving malware, showcasing how Suricata detects and notifies on malicious traffic. Join us to learn how to enhance your home or small network security without breaking the bank.
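The collection-and-alert pipeline the abstract describes (Suricata writing alerts, a small filter, a webhook notification) can be sketched in a few dozen lines. The following is an added example, not code from the talk or from the speaker: it reads Suricata's standard EVE JSON output (`eve.json`), keeps only `alert` events at or above a chosen severity, suppresses repeats of the same signature for the same source/destination pair within a window, and builds an incoming-webhook payload for Discord or Slack. The log lines are constructed for the example (the `LOCAL ...` signatures and sids in the `1000000+` local range are made up, not real rules), and the webhook URL is a placeholder you supply on the command line.

```python
"""Suricata EVE JSON -> webhook alerting, added example (not the talk's own code)."""
import json
import sys
from datetime import datetime, timedelta
from urllib import request

# Constructed sample eve.json lines (not a real capture). Signatures and sids are
# invented for the example; in Suricata, severity 1 is highest and 3 is lowest.
SAMPLE_EVE_LINES = [
    '{"timestamp":"2025-03-29T09:41:02.100000+0100","flow_id":1,"event_type":"flow","src_ip":"10.0.0.12","dest_ip":"203.0.113.5","proto":"TCP"}',
    '{"timestamp":"2025-03-29T09:41:03.200000+0100","flow_id":2,"event_type":"alert","src_ip":"10.0.0.12","src_port":51234,"dest_ip":"203.0.113.5","dest_port":80,"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":1000001,"rev":1,"signature":"LOCAL Executable download from phishing link","category":"A Network Trojan was detected","severity":1}}',
    '{"timestamp":"2025-03-29T09:41:05.300000+0100","flow_id":3,"event_type":"alert","src_ip":"10.0.0.12","src_port":51235,"dest_ip":"203.0.113.5","dest_port":80,"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":1000001,"rev":1,"signature":"LOCAL Executable download from phishing link","category":"A Network Trojan was detected","severity":1}}',
    '{"timestamp":"2025-03-29T09:41:09.000000+0100","flow_id":4,"event_type":"alert","src_ip":"10.0.0.12","src_port":51236,"dest_ip":"198.51.100.7","dest_port":443,"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":1000002,"rev":1,"signature":"LOCAL Malware C2 beacon","category":"Malware Command and Control Activity Detected","severity":1}}',
    '{"timestamp":"2025-03-29T09:41:10.000000+0100","flow_id":5,"event_type":"alert","src_ip":"10.0.0.33","src_port":40000,"dest_ip":"10.0.0.1","dest_port":53,"proto":"UDP","alert":{"action":"allowed","gid":1,"signature_id":1000003,"rev":1,"signature":"LOCAL Informational DNS query","category":"Not Suspicious Traffic","severity":3}}',
    'this line is not JSON and must be skipped without crashing the pipeline',
]


def parse_timestamp(ts):
    """EVE timestamps look like 2025-03-29T09:41:03.200000+0100 (%z accepts +HHMM)."""
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%S.%f%z")


def select_alerts(lines, max_severity=2, suppress_seconds=60):
    """Stream EVE lines and yield the alert events worth a notification.

    - non-JSON lines and non-alert event types (flow, dns, http, ...) are skipped
    - alerts with severity greater (i.e. less urgent) than max_severity are dropped
    - repeats of the same (sid, src_ip, dest_ip) inside suppress_seconds are
      suppressed so a retrying download does not flood the chat channel
    """
    last_seen = {}
    for line in lines:
        try:
            ev = json.loads(line)
        except ValueError:
            continue
        if ev.get("event_type") != "alert":
            continue
        alert = ev["alert"]
        if alert.get("severity", 3) > max_severity:
            continue
        key = (alert["signature_id"], ev["src_ip"], ev["dest_ip"])
        ts = parse_timestamp(ev["timestamp"])
        prev = last_seen.get(key)
        if prev is not None and ts - prev < timedelta(seconds=suppress_seconds):
            continue
        last_seen[key] = ts
        yield ev


def build_payload(ev, platform):
    """Build the JSON body for an incoming webhook. Discord expects "content",
    Slack expects "text"; other platforms need their own shape (not covered here)."""
    a = ev["alert"]
    text = (
        f"[sev {a['severity']}] {a['signature']}\n"
        f"{ev['src_ip']}:{ev.get('src_port', '-')} -> {ev['dest_ip']}:{ev.get('dest_port', '-')} ({ev['proto']})\n"
        f"{a['category']} | sid {a['signature_id']} | {ev['timestamp']}"
    )
    if platform == "discord":
        return {"content": text}
    if platform == "slack":
        return {"text": text}
    raise ValueError(f"unsupported platform: {platform}")


def post_webhook(url, payload, timeout=5):
    """POST the payload as JSON and return the HTTP status (network call)."""
    req = request.Request(
        url, data=json.dumps(payload).encode(), headers={"Content-Type": "application/json"}
    )
    with request.urlopen(req, timeout=timeout) as resp:
        return resp.status


if __name__ == "__main__":
    # Usage: tail -F /var/log/suricata/eve.json | python3 eve_webhook.py discord https://<webhook-url>
    # With no arguments the constructed sample lines are processed and printed instead.
    platform = sys.argv[1] if len(sys.argv) > 1 else "discord"
    url = sys.argv[2] if len(sys.argv) > 2 else None  # placeholder: supply your own webhook URL
    source = sys.stdin if not sys.stdin.isatty() else SAMPLE_EVE_LINES
    for ev in select_alerts(source):
        payload = build_payload(ev, platform)
        print(post_webhook(url, payload) if url else payload[next(iter(payload))])
```

Because `select_alerts` is a generator, it works on `tail -F` output as well as on a finished file. Severity thresholds and the suppression window are the two knobs that decide whether the channel stays readable; for the phishing demo in the abstract, the executable download and the follow-on beacon would each produce one message while a retried download within the window would not.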
About the speaker
Ladislav Bačo is a security consultant and malware analyst with 15 years of experience in computer security, informatics and education. Ladislav has taken part in handling security incidents aimed at critical infrastructure both at home and abroad, and has analysed several advanced APT-type cyber threats.
He currently works at ESET as a network intrusion analyst. Ladislav also cooperates with several Slovak universities in the field of cybersecurity, takes part in educational programmes for students, and advises on bachelor's and master's theses.