What is Suricata and how it works as a next-generation IDS/IPS engine. Installation, rule configuration, and operating modes — passive (IDS) and inline (IPS).

How LKRG (Linux Kernel Runtime Guard) works — a kernel module protecting against rootkits and privilege escalation exploits. Installation and comparison with Grsecurity.