Bricata’s detection engine is a high-performance signature engine, compatible with Snort and Suricata rules, optimized for modern hardware.

Bricata is a network cybersecurity solution supplier helping organizations harness the power of complete network visibility to detect, hunt, and prevent threats with the only commercialized open source and partner developed malware conviction engine.

Conventional IDS/IPS systems have lacked the innovation needed to address advanced threats, evidenced by the wide-scale adoption of Open Source solutions. Bro and Suricata are two of the leading engines many teams are using to create tools; but like most open source technologies, they can be difficult to build, deploy, and maintain in-house without the right expertise.

Bricata is closing the gap by delivering the first network security sensors with integrated Bro and Suricata engines. We simplify operations and maintenance with a middleware layer and central management console that makes signature, script, and policy management much easier, and delivers enterprise scalability with enhanced usability and performance.

About Suricata


Suricata is a free and open source, mature, fast, and robust network threat detection engine capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM), and offline pcap processing. Suricata inspects the network traffic using a powerful and extensive rules and signature language, and has powerful Lua scripting support for detection of complex threats. With standard input and output formats like YAML and JSON integrations with tools like existing SIEMs, Splunk, Logstash/Elasticsearch, Kibana, and other database become effortless. Suricata’s fast paced community driven development focuses on security, usability and efficiency.

The Suricata project and code is owned and supported by the Open Information Security Foundation (OISF), a non-profit foundation committed to ensuring Suricata’s development and sustained success as an open source project.

Optimized Signature Engine


With Suricata, Bricata leverages multi-threaded and multi-processor systems to inspect more traffic and employ a larger rules base. Greater performance means better detection. You can’t detect what you don’t inspect.

 More Rules, Faster Connections

Multiple Threat Intelligence Sources

Powerful Control, Greater Flexibility

From the Blog


How Bro IDS can Help Security Capture Institutional Knowledge for Cyber Alert Enrichment and Better Network Traffic Analysis [#BroCon Session]

September 25, 2018

A presentation at BroCon will demonstrate how Bro IDS can be used to capture institutional knowledge among security analysts while also providing better network traffic analysis and preparing for machine learning applications of the future....

Read More

Fileless Attacks Reinforce the Need for Multiple Methods of Detection [infographic]

Fileless attacks evade traditional signature detection methods because these are launched from memory. A Poneman study shows fileless attacks are becoming more prominent and successful part of cyber attacks....

Read More

Too Many Tools? How Many Tools does the SOC Have?

Studies show the security operations center (SOC) may have anywhere from 10 to 100 cybersecurity tools. The real problem, however, isn’t the number of tools, but the lack of integration....

Read More
Bricata Delivers New Network Security Options for the Cloud
Threat Hunting Platform Available on AWS, Supports VMWare and Linux KVM; Provides Greater Visibility Across Hybrid Cloud and On-Premises Environments
+ +