Bricata is a complete network monitoring and protection solution. The system consists of sensors used to instrument networks and a Central Management Console (CMC) that aggregates data from the sensors for threat hunting and investigation. It delivers network visibility, threat detection, threat hunting and investigation, and prevention in a single, self-contained, easy-to-use system.
Conventional IDS/IPS systems have lacked the innovation needed to address advanced threats, as evidenced by the wide-scale adoption of open source technologies. Suricata and Zeek (formerly Bro) are two of the leading engines many teams are using to build their own tools, but like most open source technologies they can be difficult to build, deploy, and maintain in-house without the right expertise.
Bricata is closing the gap by delivering the first network security sensors with integrated Suricata and Zeek engines. We simplify operations and maintenance with a centralized management console that automatically manages threat intelligence, signatures, scripts, and policies.
Suricata is a free and open source, mature, fast, and robust network threat detection engine capable of real-time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM), and offline pcap processing. Suricata inspects network traffic using a powerful and extensive rule and signature language. With standard input and output formats such as YAML and JSON, integrations with tools like existing SIEMs, Splunk, Logstash/Elasticsearch, Kibana, and other databases become effortless. Suricata’s fast-paced, community-driven development focuses on security, usability and efficiency.
The Suricata project and code are owned and supported by the Open Information Security Foundation (OISF), a non-profit foundation committed to ensuring Suricata’s development and sustained success as an open source project.
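The paragraph above mentions Suricata's rule language and its JSON output as the hook for SIEM integration. As an added example (not code from Bricata, Suricata or OISF), the snippet below shows the link between the two: it reads the msg/sid/rev options out of a constructed Suricata rule, then picks the matching alert records out of constructed EVE JSON lines in the one-object-per-line shape Suricata writes to eve.json, skipping malformed lines and non-alert event types the way an ingestion step would. The rule text, addresses and timestamps are all made up for illustration.

```python
import json
import re
from collections import Counter

# Constructed sample rule (not from the page); msg/sid/rev are the fields
# that reappear in the EVE alert record when the rule fires.
SAMPLE_RULE = ('alert http $HOME_NET any -> $EXTERNAL_NET any '
               '(msg:"EXAMPLE Suspicious User-Agent"; '
               'http.user_agent; content:"curl/"; sid:1000001; rev:2;)')

# Constructed EVE JSON lines (one JSON object per line); values are illustrative.
SAMPLE_EVE = """\
{"timestamp":"2019-06-04T12:00:01.000000+0000","event_type":"alert","src_ip":"10.0.0.5","src_port":51234,"dest_ip":"203.0.113.9","dest_port":80,"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":1000001,"rev":2,"signature":"EXAMPLE Suspicious User-Agent","severity":2}}
{"timestamp":"2019-06-04T12:00:02.000000+0000","event_type":"flow","src_ip":"10.0.0.5","dest_ip":"203.0.113.9","proto":"TCP"}
{"timestamp":"2019-06-04T12:00:03.000000+0000","event_type":"alert","src_ip":"10.0.0.7","src_port":40000,"dest_ip":"203.0.113.9","dest_port":80,"proto":"TCP","alert":{"action":"allowed","gid":1,"signature_id":1000001,"rev":2,"signature":"EXAMPLE Suspicious User-Agent","severity":2}}
not json at all
"""

# Matches the msg, sid and rev options of a rule; other options are ignored.
RULE_OPT_RE = re.compile(r'\b(msg|sid|rev):\s*"?([^";]+)"?\s*;')

def parse_rule(rule: str) -> dict:
    """Extract msg/sid/rev from a single Suricata rule line (rev defaults to 1)."""
    opts = dict(RULE_OPT_RE.findall(rule))
    return {"msg": opts["msg"], "sid": int(opts["sid"]), "rev": int(opts.get("rev", 1))}

def alerts_for_rule(eve_text: str, sid: int) -> list:
    """Return the alert records in EVE output that fired for the given sid.
    Malformed lines and non-alert event types are skipped."""
    hits = []
    for line in eve_text.splitlines():
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # a truncated or corrupt line must not abort ingestion
        if ev.get("event_type") != "alert":
            continue
        if ev["alert"].get("signature_id") == sid:
            hits.append({"ts": ev["timestamp"],
                         "src": f'{ev["src_ip"]}:{ev["src_port"]}',
                         "dst": f'{ev["dest_ip"]}:{ev["dest_port"]}',
                         "severity": ev["alert"]["severity"]})
    return hits

def source_counts(eve_text: str, sid: int) -> Counter:
    """Count firings per source IP, the kind of roll-up an analyst pivots on."""
    return Counter(h["src"].split(":")[0] for h in alerts_for_rule(eve_text, sid))
```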
More Rules, Faster Connections. Multiple Threat Intelligence Sources. Powerful Control, Greater Flexibility.
June 4, 2019
“ESG research indicates network security monitoring is most often the center of gravity for threat detection. In other words, SOC analysts detect suspicious...
Open source security tools often start as cost-saving DIY projects inside cybersecurity organizations, but as the network grows, these take more time to maintain and manage, which detracts from the task of actually protecting the network. ...
Open source technology for network security and intrusion detection is evolving to meet new threats. This post reviews the history, alongside the advantages and drawbacks of three popular open source technologies for IDS: Snort, Suricata, and Bro. ...