Suricata

Suricata is IPS/IDS.

Social links:
Platforms:
By:oisf
screenshot of suricata

Key features

Suricata is not just another it is far more than typical IPS/IDS. Faster, better than snort, can handle large traffic and works seamlessly. It has all features of IDS/IPS. Unlike snort it can run on windows,mac and linux which makes it better alternative and cross platform compatible.

Suricata powerful, flexible and best at its work

  • Suricata support multi-threading taking advantage of multi-core processor for better performance and scalability.
  • Capable of analyzing network in real-time and detecting suspicious behavior.
  • The engine also has capability to extract file from network traffic.
  • Flow bit support for more complex and context aware rule matching.
  • Suricata can inspect and analyze HTTP and TLS traffic.
  • Support for both IPv4 and IPv6.
  • Allow you to use Emerging Threats Open ruleset, and community driven ruleset that help detecting new and evolving threats.

Use cases

  • Vulnerability scanning
  • Protocol analysis
  • Malware detection
  • Forensic ...and much more.