Bricata employs a network behavior engine, customizable using Bro Script, allowing identification of network anomalies.

Bricata is a network cybersecurity solution supplier that helps organizations harness the power of complete network visibility to detect, hunt, and prevent threats with the only commercialized open source and partner-developed malware conviction engine.

Conventional IDS/IPS systems have lacked the innovation needed to address advanced threats, as evidenced by the wide-scale adoption of open source solutions. Bro and Suricata are two of the leading engines many teams are using to create tools, but like most open source technologies, they can be difficult to build, deploy, and maintain in-house without the right expertise.

Bricata is closing the gap by delivering the first network security sensors with integrated Bro and Suricata engines. We simplify operations and maintenance with a middleware layer and central management console that makes signature, script, and policy management much easier, and delivers enterprise scalability with enhanced usability and performance.

Built on the advanced open source IPS engines Bro and Suricata, Bricata is a cost-effective, commercial-grade system optimized for multi-location and high bandwidth deployments.


ABOUT BRO: While focusing on network security monitoring, Bro provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Bro has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber infrastructure. Bro’s user community includes major universities, research labs, supercomputing centers, and open-science communities.

Miss us at BroCon 2017?


No worries. We’ve got everything you need to get caught up.

Our own Adam Pumphrey presented A Bro Primer, which aimed to help those new to Bro get more familiar with its core concepts and gain a better understanding of the various ways it can be used. It is easy to recognize the forensic and network defense value Bro’s network traffic logs provide, but learning the programming language can seem like a daunting task. Unfortunately, a sound understanding of the Bro programming language and how it can be used to interact with captured network traffic is necessary to begin to realize Bro’s full potential.

From the Blog


One Environment – Three Objectives Satisfied

August 20, 2019

Whether a security analyst is aiming for better network visibility, investigating a security alert or threat hunting, the right environment makes all the difference....

Building a Culture of Security: 73 Articles Summarizing Black Hat USA 2019

If there was a common theme at the 2019 Black Hat USA conference in Las Vegas, it may well have been security culture. Culture emerged in some of the most prominent sessions and talks, including, notably, a keynote address by Dai Zovi and a session presented by Equifax CISO Jamil Farshchi....

8 Actionable Tips a CISO Can Use to Communicate to the Board or C-suite

The growing importance of security to business has made communicating with a board of directors an essential duty for a CISO – here are some tips for getting your message across....

Bricata Included as a Representative Vendor in a new Market Guide for Intrusion Detection and Prevention Systems by Gartner, Inc.
“IDS is still a widely deployed use case. Despite claims of IDS being dead, it is alive and well, and in use by a large percentage of Gartner clients,” wrote Gartner analysts.