Security Onion

Security Onion
	A screenshot of the default configuration.
Developer	Security Onion Solutions
OS family	Linux (Unix-like)
Working state	Active
Source model	Open-source
Latest release	2.4.70 / May 29, 2024
Official website	securityonionsolutions.com
Support status
	Active

Security Onion is a free and open Linux distribution for threat hunting, enterprise security monitoring, and log management.^[2] Its first release was in 2009.^[3]

Security Onion combines various tools and technologies to provide a robust IDS solution, including:

Suricata and Zeek (formerly Bro): These are network-based IDS tools that monitor network traffic for suspicious activities.
OSSEC: A host-based IDS that monitors system logs and file integrity.
Elasticsearch, Logstash, and Kibana (ELK stack): These tools are used for log management and analysis, allowing for effective visualization and querying of security events.

References

^ "Releases · Security-Onion-Solutions/Securityonion". GitHub.
^ "Security Onion | CISA". www.cisa.gov. Retrieved 2024-06-12.
^ "Security Onion Solutions". securityonionsolutions.com. Retrieved 2024-06-12.

[1] "Releases · Security-Onion-Solutions/Securityonion". GitHub.

[2] "Security Onion | CISA". www.cisa.gov. Retrieved 2024-06-12.

[3] "Security Onion Solutions". securityonionsolutions.com. Retrieved 2024-06-12.

[1]

[2]

[3]

See also

References