<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2180921&amp;fmt=gif">

Let’s talk about SELKS 3.0RC1

After some hard team work, Stamus Networks is proud to announce the availability of SELKS 3.0RC1.

SELKS is both Live and installable Network Security Management ISO based on Debian implementing and focusing on a complete and ready to use Suricata IDS/IPS ecosystem with its own graphic rule manager. Stamus Networks is a proud member of the Open Source community and SELKS is released under GPLv3 license.

This is a the release candidate of a new major branch with an updated storage visualization stack and latest Suricata.

New Features

  • Suricata IDS/IPS/NSM 3.0.x - latest git master suricata packaged.
  • Elasticsearch 2.3  - latest available ES edition featuring speed, scalability, security improvements and more.
  • Logstash 2.3 - performance improvement ES 2.3 compatability, dynamically reload pipelines on the fly and more
  • Kibana 4.5 - taking advantage of the latest features and performance improvement of ES
  • Scirius 1.1.6 - support for xbits, hostbits, thresholding, suppression, backup and more
  • Evebox - alert management/viewer interface for Suricata/ES  allowing easy export of payload into pcaps

SELKS comes with 11 ready to use Kibana dashboards using more than 190 visualisations.

Please feel free to try it out, spread the word, feedback and let's talk about SELKS 3.0.

Thresholding-2 Thresholding with Scirius

Thresholding Suppression with Scirius

Thresholding-1 Threshold and suppress ruleset view with Scirius

 

Pcap-1 Payload pcap generation (Evebox)

Pcap-2 Payload pcap generation (Evebox)

 

Dashboard-3 Dashboards

Dashboard-1 Dashboards

 

 

 

To get you started (the download link is below this paragraph):

Once installed in order to upgrade all components follow the guide here.

Usage and logon credentials (OS user)  - user: selks-user, password: selks-user (password in Live mode is live). The default root password is - StamusNetworks

Upon log in double click the Scirius icon on the desktop. Credentials are  - user: selks-user, password: selks-user. In the left upper corner click the drop down menu and choose "ALL" dashboards. Choose default index(click on logstash-* and then the green star) as depicted below. Then choose "Dashboards" and choose your desired dashboards from the 11 available.

enable-index-kibana

 

More about SELKS 3.0RC1

Peter Manev

Peter Manev is the co-founder and chief strategy officer (CSO) at Stamus Networks. He is a member of the executive team at Open Network Security Foundation (OISF). Peter has over 15 years of experience in the IT industry, including enterprise-level IT security practice. He is a passionate user, developer, and explorer of innovative open-source security software, and he is responsible for training as well as quality assurance and testing on the development team of Suricata – the open-source threat detection engine. Peter is a regular speaker and educator on open-source security, threat hunting, and network security at conferences and live-fire cyber exercises, such as Crossed Swords, DeepSec, Troopers, DefCon, RSA, Suricon, SharkFest, and others. Peter resides in Gothenburg, Sweden.

Schedule a Demo of Stamus Security Platform

REQUEST A DEMO

Related posts

Introducing Clear NDR™

At Stamus Networks, we have always been driven by a commitment to openness, transparency, and...

SELKS 10: The Next Big Leap for Open-Source Network Security

Stamus Networks is pleased to announce the release and availability of SELKS 10, the newest version...