The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 11 suricatum Open-Source Projects
-
Suricata
Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
-
PacketStreamer
:star: :star: :star: Distributed tcpdump for cloud native environments :star: :star: :star:
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
-
-
Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts. (by idaholab)
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
py-idstools
idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)
-
impulse-xdr
Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.
Also: - https://github.com/deepfence/PacketStreamer
Project mention: Vector: A high-performance observability data pipeline | news.ycombinator.com | 2024-03-17We're building something similar at Tenzir, but more for operational security workloads. https://docs.tenzir.com
Differences to Vector:
- An agent has optional indexed storage, so you can store your data there and pick it up later. The storage is based on Apache Feather, Parquet's little brother.
- Pipelines operators both work with data frames (Arrow record batches) or chunks of bytes.
- Structured pipelines are multi-schema, i.e., a single pipeline can process streams of record batches with different schemas.
Also have an instance of S1EM - https://github.com/V1D1AN/S1EM - running, monitoring my home LAN, firewall etc. It's huge overkill, and your machine may struggle to run it if you ran anything else with it, but might be worth looking at.
I like this a lot. We have a in-house Snort 2 forwarder that does a similar thing with https://github.com/jasonish/py-idstools and forwards the result directly using HEC. We could use the same code base for dnstap if we wanted.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
suricata related posts
- How do I ensure safety when making a honeypot?
- How to setup a honeypot with an IDS, ELK and TLS traffic inspection
- How to setup a honeypot with an IDS, ELK and TLS traffic inspection
- How to setup a honeypot with an IDS, ELK and TLS traffic inspection
- How to setup a honeypot with an IDS, ELK and TLS traffic inspection
- Getting a lot of BF attempts on my server, any tips/ways to cut this out?
- Rules update during system installation
-
A note from our sponsor - WorkOS
workos.com | 24 Apr 2024
Index
What are some of the best open-source suricatum projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | Suricata | 4,034 |
| 2 | PacketStreamer | 1,855 |
| 3 | Malcolm | 1,736 |
| 4 | tenzir | 609 |
| 5 | pulledpork | 415 |
| 6 | S1EM | 385 |
| 7 | Malcolm | 309 |
| 8 | py-idstools | 268 |
| 9 | how-to-setup-a-honeypot | 139 |
| 10 | impulse-xdr | 99 |
| 11 | SplunkDashboards | 49 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com