Shifts toward open-source IDS solutions like Snort and Suricata , including rule writing and evasion theory.