SELKS: Open-source Suricata IDS/IPS, network security monitoring, threat hunting (Security News, June 2024)
SELKS is a free, open-source, turnkey solution for Suricata-based network intrusion detection and protection, network security monitoring, and threat hunting.
Since all the data in SELKS is generated by the Suricata engine, it is popular among network security practitioners who explore the capabilities of Suricata IDS/IPS/NSM and analyze the network protocol monitoring logs and alerts it generates.
"We developed SELKS 10 years ago because we felt organizations without enterprise-level budgets and resources also needed the opportunity to protect their networks and secure their business. Our plans are to expand the community and interaction and make it cloud-native," Peter Manev, Chief Strategy Officer, Stamus Networks, told Help Net Security.
SELKS users can now capture selected packets associated with detection events and then export those packets from the hunting interface.
All PCAPs are de-duplicated, stored only once on the sensor, and made available for download as evidence or for playback into SELKS or third-party tools such as Wireshark.
SELKS 10 adds the latest capabilities of Arkime: bulk search, improved session detail display, unified configs, unified authentication, additional multiviewer support, and offline PCAP retrieval improvements.