Stamus Network Detection and Response (NDR)
Stamus NDR is a broad-spectrum and open network detection and response (NDR) system that delivers:
Response-ready and high-fidelity threat detection from machine learning, stateful logic, and signatures
Open interfaces for SOAR, SIEM, XDR, IR
Support for third-party and custom threat intelligence
Explainable and transparent results with evidence
Integrated guided threat hunting
How Stamus NDR improves your security
Security teams use Stamus Network Detection and Response for automated detection, proactive threat hunting, incident investigation and IT policy enforcement. Ultimately, the system helps security (SecOps) and network (NetOps) operations teams:
Reduce your organization’s risk - uncover known and unknown threats to critical assets on your cloud and on-premises networks.
Eliminate network blind spots - monitor north-south as well as east-west traffic with Stamus Network Probes at all critical points in your cloud and on-premises networks.
Eradicate alert fatigue - the system notifies incident response systems and personnel only when urgent and imminent threats are identified.
Reduce the workload of your SOC analysts - focus your valuable staff on proactive security measures, rather than poring through thousands of alerts.
Dramatically accelerate incident response - quickly investigate potential issues with transparent, explainable results, backed up with extensive evidence.
See results immediately - Stamus NDR is easy to install, configure and integrate with other elements of your security tech stack.
Extend your capabilities - leverage third-party threat intelligence and rulesets; and easily transform a threat hunt into custom detection logic.
Uncover hidden threats - because even the most advanced system cannot automatically detect everything, Stamus NDR comes with integrated guided threat hunting that simplifies proactive defense for less-experienced analysts.
SELKS starts with a Suricata intrusion detection and prevention system and its native NSM capabilities. On top of that it adds Kibana to analyze alerts and events, and EveBox to correlate flows, archive and comment on events, produce reports, and download PCAPs. The user interface is the Scirius Community Edition, which lets you configure and manage the Suricata ruleset and perform basic threat hunting.
Suricata is a free and open-source, mature, fast, and robust network threat detection engine. The Suricata engine is capable of real-time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM), and offline PCAP processing.
Suricata inspects network traffic using a powerful and extensive rule and signature language, and has strong Lua scripting support for detecting complex threats. With standard input and output formats such as YAML (configuration) and JSON (EVE event logs), integrations with existing SIEMs, Splunk, Logstash/Elasticsearch, Kibana, and other databases become effortless.
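The JSON integration mentioned above works because Suricata writes one JSON object per line to eve.json, with event_type selecting the schema (flow, alert, dns, and so on), which is exactly what Logstash, EveBox or a SIEM consume. The following Python is an added example, not code from SELKS, Stamus Networks or the Suricata project: it parses a few constructed EVE lines (the field names follow Suricata's documented EVE layout, the values are made up), skips malformed lines instead of aborting the pipeline, groups alerts by signature, correlates all events that share a flow_id the way EveBox does, and picks out the severity-1 signatures an analyst would triage first.

```python
"""Summarize Suricata EVE JSON the way a SIEM or EveBox pipeline would.

Added example (not part of SELKS or Suricata). The sample lines below are
constructed; the keys (event_type, flow_id, src_ip, alert.signature_id,
alert.severity) mirror Suricata's EVE JSON schema, where severity 1 is the
most urgent.
"""
import json

# Constructed sample eve.json content: one JSON object per line, plus one
# deliberately broken line to show the parser tolerating log corruption.
SAMPLE_EVE = """\
{"timestamp":"2024-01-01T10:00:00.000000+0000","flow_id":1,"event_type":"flow","src_ip":"10.0.0.5","dest_ip":"198.51.100.7","proto":"TCP","app_proto":"http"}
{"timestamp":"2024-01-01T10:00:01.000000+0000","flow_id":1,"event_type":"alert","src_ip":"10.0.0.5","dest_ip":"198.51.100.7","proto":"TCP","alert":{"signature_id":2000001,"signature":"EXAMPLE Suspicious HTTP User-Agent","category":"Potentially Bad Traffic","severity":2,"action":"allowed"}}
{"timestamp":"2024-01-01T10:00:02.000000+0000","flow_id":2,"event_type":"alert","src_ip":"10.0.0.9","dest_ip":"203.0.113.4","proto":"TCP","alert":{"signature_id":2000002,"signature":"EXAMPLE Malware C2 Beacon","category":"A Network Trojan was detected","severity":1,"action":"allowed"}}
{"timestamp":"2024-01-01T10:00:03.000000+0000","flow_id":2,"event_type":"alert","src_ip":"10.0.0.9","dest_ip":"203.0.113.4","proto":"TCP","alert":{"signature_id":2000002,"signature":"EXAMPLE Malware C2 Beacon","category":"A Network Trojan was detected","severity":1,"action":"allowed"}}
{"timestamp":"2024-01-01T10:00:04.000000+0000","flow_id":3,"event_type":"dns","src_ip":"10.0.0.9","dest_ip":"10.0.0.1","proto":"UDP","dns":{"type":"query","rrname":"example.net","rrtype":"A"}}
this line is not JSON and must not crash the pipeline
"""


def parse_eve(text):
    """Parse newline-delimited EVE JSON.

    Returns (events, bad_line_count). Malformed lines are counted and skipped
    rather than raised, so one corrupt record does not stall ingestion.
    """
    events, bad = [], 0
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            obj = json.loads(line)
        except json.JSONDecodeError:
            bad += 1
            continue
        if isinstance(obj, dict) and "event_type" in obj:
            events.append(obj)
        else:
            bad += 1
    return events, bad


def summarize_alerts(events):
    """Group alert events by signature_id with count, severity, sources, flows."""
    summary = {}
    for ev in events:
        if ev.get("event_type") != "alert":
            continue
        alert = ev.get("alert", {})
        sid = alert.get("signature_id")
        if sid is None:
            continue
        entry = summary.setdefault(sid, {
            "signature": alert.get("signature", ""),
            "severity": alert.get("severity"),
            "count": 0,
            "sources": set(),
            "flows": set(),
        })
        entry["count"] += 1
        entry["sources"].add(ev.get("src_ip"))
        entry["flows"].add(ev.get("flow_id"))
    return summary


def events_for_flow(events, flow_id):
    """Correlate every EVE record (flow, alert, protocol logs) sharing a flow_id."""
    return [ev for ev in events if ev.get("flow_id") == flow_id]


def high_priority(summary, max_severity=1):
    """Signature ids whose Suricata severity is at or above the given urgency."""
    return sorted(sid for sid, e in summary.items()
                  if e["severity"] is not None and e["severity"] <= max_severity)


if __name__ == "__main__":
    evs, bad = parse_eve(SAMPLE_EVE)
    print(f"parsed {len(evs)} events, skipped {bad} malformed line(s)")
    for sid, e in summarize_alerts(evs).items():
        print(sid, e["signature"], "sev", e["severity"], "x", e["count"],
              "from", sorted(e["sources"]))
    print("triage first:", high_priority(summarize_alerts(evs)))
```

The same grouping is what a SIEM dashboard shows as "top signatures"; keying on signature_id rather than the free-text signature keeps counts stable when a ruleset update rewords a rule name.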
SELKS Stamus Networks
Download link : https://www.stamus-networks.com/selks
balenaEtcher link : https://www.balena.io/etcher/
#rhesus