Security Onion
 | The topic of this article may not meet Wikipedia's general notability guideline. (April 2025) |
 |
 | |
 A screenshot of the default configuration. | |
| Developer | Security Onion Solutions |
|---|---|
| OS family | Linux (Unix-like) |
| Working state | Active |
| Source model | Open-source |
| Latest release | 2.4.70[1] / May 29, 2024 |
| Official website | securityonionsolutions |
| Support status | |
| Active | |
Security Onion is a free and open Linux distribution for threat hunting, enterprise security monitoring, and log management.[2] It was developed by Doug Burks in 2008.[3] Its first release was in 2009.[4] It was originally based on Xubuntu 10.04.[5]
Version 2.4.140 was released on March 24, 2025.[6]
Security Onion combines various tools and technologies to provide a robust IDS solution, including:
- Suricata and Zeek (formerly Bro): These are network-based IDS tools that monitor network traffic for suspicious activities.
- OSSEC: A host-based IDS that monitors system logs and file integrity.
- Elasticsearch, Logstash, and Kibana (ELK stack): These tools are used for log management and analysis, allowing for effective visualization and querying of security events.
See also
[edit]References
[edit]- ^ "Releases · Security-Onion-Solutions/Securityonion". GitHub.
- ^ "Security Onion | CISA". www.cisa.gov. Retrieved 2024-06-12.
- ^ Anson, Steve (2020). Applied incident response. Indianapolis: John Wiley and Sons. ISBN 978-1-119-56026-5.
- ^ "Security Onion Solutions". securityonionsolutions.com. Retrieved 2024-06-12.
- ^ Grant, Nicholas (2014). Unified communications forensics: anatomy of common UC attacks. Joseph Shaw. Waltham, MA: Syngress. ISBN 978-0-12-404605-4.
- ^ Kaaviya (2025-03-25). "Security Onion 24.10 Released - What's New". Cyber Security News. Retrieved 2025-04-23.
- ^ Ackerman, Pascal (2021). Industrial Cybersecurity (2nd ed.). Packt Publishing. ISBN 978-1-80020-582-6.