In "Practical Network Signature Development for Open Source IDS" we will teach expert methods and techniques for writing network signatures to efficiently detect the greatest threats facing organizations today. Students will gain invaluable information and knowledge including the configuration, usage, architecture, traffic analysis fundamentals, signature writing, and testing of a modern network IDS, such as Suricata and Snort. Student will be given handouts to help them develop and read with IDS signatures. Lab exercises will train students how to analyze and interpret hostile network traffic into agile IDS rules for detecting threats, including but not limited to: Exploit Kits, Ransomware, Phishing Attacks, Crimeware Backdoors, Targeted Threats, and more. Students will leave the class armed with the knowledge of how to write quality IDS signatures for their environment, enhancing their organization's ability to respond and detect threats.