Suricata is a threat detection engine.
By combining intrusion detection (IDS), intrusion prevention (IPS), network security monitoring (NSM) and PCAP processing, Suricata can quickly identify, stop, and assess even the most sophisticated attacks.
This is free and open source software.
Key Features
- IDS/IPS – implements a complete signature language to match on known threats, policy violations and malicious behaviour. Suricata will also detect many anomalies in the traffic it inspects. Suricata is capable of using the specialized Emerging Threats Suricata ruleset and the VRT ruleset.
- NSM – HTTP requests, log and store TLS certificates, extract files from flows and store them to disk. The full pcap capture support allows easy analysis.
- High performance – a single Suricata instance is capable of inspecting multi-gigabit traffic. The engine is built around a multi threaded, modern, clean and highly scalable code base.
- Automatic Protocol Detection – automatically detect protocols such as HTTP on any port and apply the proper detection and logging logic. This greatly helps with finding malware and CnC channels.
- Lua scripting.
Website: suricata.io
Support: Documentation, GitHub Code Repository
Developer: Open Information Security Foundation
License: GNU General Public License v2.0
Suricata is written in C and Rust. Learn C with our recommended free books and free tutorials. Learn Rust with our recommended free books and free tutorials.
Related Software
| Network Intrusion Detection Systems | |
|---|---|
| Snort | Intrusion detection/prevention with real-time traffic analysis/packet logging |
| Suricata | High performance Network IDS, IPS and Network Security Monitoring engine |
| Zeek | (formerly Bro) Powerful network analysis framework |
| Mailtrail | Lightweight malicious traffic detection system |
| Security Onion | Platform built by defenders for defenders |
| Kismet | Wireless intrusion detection, wireless network and device detector, and more |
| psad | Intrusion detection and log analysis with iptables |
| Sagan | Multi-threads, high performance log analysis engine |
Read our verdict in the software roundup.
 Explore our comprehensive directory of recommended free and open source software. Our carefully curated collection spans every major software category.This directory is part of our ongoing series of informative articles for Linux enthusiasts. It features hundreds of detailed reviews, along with open source alternatives to proprietary solutions from major corporations such as Google, Microsoft, Apple, Adobe, IBM, Cisco, Oracle, and Autodesk. You’ll also find interesting projects to try, hardware coverage, free programming books and tutorials, and much more. Know a useful open source Linux program that we haven’t covered yet? Let us know by completing this form. |