11 November 2015

Security Onion Peel Back the Layers of Your Network

Security Onion is a Linux distro for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xplico, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes! 


Analyze your NIDS/HIDS alerts with Squert

Pivot between multiple data types with Sguil and send pcaps to Wireshark and NetworkMiner

Use ELSA to slice and dice your logs

Access full packet capture with CapMe

Snort/Suricata and Bro compiled with PF_RING to handle lots of traffic

Easy updates

Data Types

Alert data - HIDS alerts from OSSEC and NIDS alerts from Snort/Suricata
Asset data from Prads and Bro
Full content data from netsniff-ng
Host data via OSSEC and syslog-ng
Session data from Argus, Prads, and Bro
Transaction data - http/ftp/dns/ssl/other logs from Bro

Ready to peel back the layers of your network? Get Security Onion!

Need help? We have a Help page on our Wiki and we also offer commercial support and training.

See the latest announcements on the blog.

To learn more about installing and using Security Onion, check out our video playlist below.

Security Onion is maintained by Security-Onion-Solutions
