Security Onion
| Security Onion | |
|---|---|
| A screenshot of the default configuration. | |
| Developer | Security Onion Solutions |
| OS family | Linux (Unix-like) |
| Working state | Active |
| Source model | Open-source |
| Latest release | 2.4.70[1] / May 29, 2024 |
| Official website | securityonionsolutions |
| Support status | Active |
Security Onion is a free and open Linux distribution for threat hunting, enterprise security monitoring, and log management.[2] It was developed by Doug Burks in 2008.[3] Its first release was in 2009.[4] It was originally based on Xubuntu 10.04.[5]
Version 2.4.140 was released on March 24, 2025.[6]
Security Onion combines various tools and technologies to provide a robust IDS solution, including:
- Suricata and Zeek (formerly Bro): These are network-based IDS tools that monitor network traffic for suspicious activities.
- OSSEC: A host-based IDS that monitors system logs and file integrity.
- Elasticsearch, Logstash, and Kibana (ELK stack): These tools are used for log management and analysis, allowing for effective visualization and querying of security events.
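As an added illustration of how the network sensors and the log-management layer listed above fit together (example code written for this article, not Security Onion's own pipeline): it normalizes a constructed Suricata EVE JSON alert and constructed Zeek conn.log rows into one flat schema and joins them by 5-tuple, the kind of enrichment a log pipeline performs before events are indexed for querying. The field names are the two tools' default output formats; all addresses, ports and signature values are made up.

```python
import json

# Constructed sample records (not captured data): Suricata EVE JSON events and a Zeek conn.log fragment.
SURICATA_EVE = [
    '{"timestamp":"2024-05-29T10:00:01.000000+0000","event_type":"alert","src_ip":"10.0.0.5",'
    '"src_port":51234,"dest_ip":"203.0.113.7","dest_port":80,"proto":"TCP","alert":'
    '{"signature":"EXAMPLE Suspicious HTTP request","signature_id":9000001,"severity":2}}',
    '{"timestamp":"2024-05-29T10:00:02.000000+0000","event_type":"flow","src_ip":"10.0.0.6",'
    '"src_port":40000,"dest_ip":"10.0.0.1","dest_port":53,"proto":"UDP"}',
]
ZEEK_CONN = [
    "#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto\tservice",
    "1716976801.000000\tCAbc1\t10.0.0.5\t51234\t203.0.113.7\t80\ttcp\thttp",
    "1716976802.000000\tCdef2\t10.0.0.6\t40000\t10.0.0.1\t53\tudp\t-",
]

def parse_suricata_alerts(lines):
    """Flatten EVE JSON alerts into one common schema; other event types are skipped."""
    for line in lines:
        ev = json.loads(line)
        if ev.get("event_type") != "alert":
            continue
        yield {"source": "suricata", "src_ip": ev["src_ip"], "src_port": ev["src_port"],
               "dst_ip": ev["dest_ip"], "dst_port": ev["dest_port"], "proto": ev["proto"].lower(),
               "signature": ev["alert"]["signature"], "severity": ev["alert"]["severity"]}

def parse_zeek_conn(lines):
    """Map Zeek conn.log rows onto the same schema using the #fields header; '-' means unset."""
    fields = []
    for line in lines:
        if line.startswith("#fields\t"):
            fields = line.split("\t")[1:]
        elif not line.startswith("#") and fields:
            rec = dict(zip(fields, line.split("\t")))
            yield {"source": "zeek", "uid": rec["uid"], "src_ip": rec["id.orig_h"],
                   "src_port": int(rec["id.orig_p"]), "dst_ip": rec["id.resp_h"],
                   "dst_port": int(rec["id.resp_p"]), "proto": rec["proto"],
                   "service": None if rec["service"] == "-" else rec["service"]}

def five_tuple(doc):
    return (doc["src_ip"], doc["src_port"], doc["dst_ip"], doc["dst_port"], doc["proto"])

def enrich_alerts(alert_lines, conn_lines):
    """Join each Suricata alert to the Zeek connection record sharing its 5-tuple."""
    conns = {five_tuple(c): c for c in parse_zeek_conn(conn_lines)}
    enriched = []
    for alert in parse_suricata_alerts(alert_lines):
        conn = conns.get(five_tuple(alert), {})  # empty dict when Zeek saw no matching flow
        enriched.append({**alert, "zeek_uid": conn.get("uid"), "service": conn.get("service")})
    return enriched
```

An alert that matches no connection record keeps `zeek_uid` and `service` as `None`, so the gap itself becomes visible when querying the indexed events.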
References
- ^ "Releases · Security-Onion-Solutions/securityonion". GitHub.
- ^ "Security Onion | CISA". www.cisa.gov. Retrieved 2024-06-12.
- ^ Anson, Steve (2020). Applied Incident Response. Indianapolis: John Wiley and Sons. ISBN 978-1-119-56026-5.
- ^ "Security Onion Solutions". securityonionsolutions.com. Retrieved 2024-06-12.
- ^ Grant, Nicholas; Shaw, Joseph (2014). Unified Communications Forensics: Anatomy of Common UC Attacks. Waltham, MA: Syngress. ISBN 978-0-12-404605-4.
- ^ Kaaviya (2025-03-25). "Security Onion 24.10 Released - What's New". Cyber Security News. Retrieved 2025-04-23.
- ^ Ackerman, Pascal (2021). Industrial Cybersecurity (2nd ed.). Packt Publishing. ISBN 978-1-80020-582-6.