Stamus Networks Blog

We believe that sharing information is necessary to improve global security. The purpose of this blog is to share our experiences, perspectives and experiments.

Subscribe to our Blog

Blog /
Showing 41 results
of 41 items.
Reset All

Category

Recent Posts

Unpacking the 2024 Gartner® NDR Market Guide: The Return of IDS by Dallon Robinette

Unpacking the 2024 Gartner® NDR Market Guide: The Return of IDS

Aug 15, 2024 Dallon Robinette
Network Detection and Response, Stamus Security Platform, IDS-IPS

Over the course of the last decade, Network Detection and Response (NDR) naturally evolved out of...

Read More
Threat Hunting with the Open Lateral Movement Ruleset for Suricata by Peter Manev

Threat Hunting with the Open Lateral Movement Ruleset for Suricata

Jul 04, 2024 Peter Manev
SELKS, Open Source, Threat Hunting, Network Security Monitoring, IDS-IPS, Stamus Labs

In November of 2022 we announced a Suricata ruleset specifically focused on detecting lateral...

Read More
Jupyter Playbooks for Suricata Pt. 4 by Markus Kont

Jupyter Playbooks for Suricata | Part 4

Aug 31, 2023 Markus Kont
Open Source, Suricata, IDS-IPS, Stamus Labs, Jupyter Notebook

Back in 2022, I did a Suricon presentation titled Jupyter Playbooks for Suricata. This led into a...

Read More
A Practicle Guide to Small Office / Home Office Network Visibility with SELKS: Part 1 - Equipment Selection

A Practical Guide to Small Office / Home Office Network Visibility with SELKS: Part 1 - Equipment Selection

Jul 21, 2023 Alexander Nedelchev
SELKS, Open Source, Suricata, Network Security Monitoring, IDS-IPS, Stamus Labs

Have you ever counted how many computer devices, smart IoT gadgets, TV’s, kitchen appliances,...

Read More
Just Released: Suricata 7 by Andreas Herz

Just Released: Suricata 7

Jul 19, 2023 Andreas Herz
Open Source, Suricata, Network Security Monitoring, IDS-IPS

Yesterday (18-July-2023) the OISF announced the general availability of Suricata version 7. It’s...

Read More
Proactive Defense: Exploring Network Detection and Response by Stamus Networks Team

Proactive Defense: Exploring Network Detection and Response

Jun 02, 2023 Stamus Networks Team
Network Detection and Response, Stamus Security Platform, IDS-IPS

Network security plays a crucial role in today's digital landscape as it safeguards sensitive...

Read More
Accelerate Suricata Rule Writing with Suricata Language Server v0.9.0 by Éric Leblond

Accelerate Suricata Rule Writing with Suricata Language Server v0.9.0

Apr 28, 2023 Eric Leblond
Open Source, Suricata, IDS-IPS, Stamus Labs

Writing Suricata rules has never been easier or faster since the release of the Suricata Language...

Read More
Analyzing Network Traffic with Kibana Dashboards in SELKS: the SN-Hunt-1 Dashboard Part 3 By Rosita Kyuchukova

Analyzing Network Traffic with Kibana Dashboards in SELKS: the SN-Hunt-1 Dashboard Part 3

Apr 20, 2023 Rositsa Kyuchukova
SELKS, Open Source, Threat Hunting, Suricata, IDS-IPS, Stamus Labs, Kibana

Earlier this week, we introduced the second set of visualizations provided by the SN-Hunt-1 Kibana...

Read More
Analyzing Network Traffic with Kibana in SELKS: the SN-Hunt-1 Dashboard Part 2 by Rosita Kyuchukova

Analyzing Network Traffic with Kibana in SELKS: the SN-Hunt-1 Dashboard Part 2

Apr 18, 2023 Rositsa Kyuchukova
SELKS, Open Source, Threat Hunting, Suricata, IDS-IPS, Stamus Labs, Kibana

Last week, we introduced the first set of visualizations provided by the SN-Hunt-1 Kibana dashboard...

Read More
Jupyter Playbooks for Suricata - Part 3 by Markus Kont

Jupyter Playbooks for Suricata | Part 3

Apr 14, 2023 Markus Kont
Open Source, Suricata, IDS-IPS, Stamus Labs, Jupyter Notebook

This is the third post in a series based on my Suricon 2022 talk Jupyter Playbooks for Suricata....

Read More
Analyzing-Network-Traffic-With-Kibana-Dashboards-in-SELKS-SN-Hunt-1-Dashboard-part1

Analyzing Network Traffic with Kibana in SELKS: the SN-Hunt-1 Dashboard Part 1

Apr 12, 2023 Rositsa Kyuchukova
SELKS, Open Source, Threat Hunting, Suricata, IDS-IPS, Stamus Labs, Kibana

Keeping your network secure can feel like an endless game of cat and mouse. But with SELKS and its...

Read More
Stamus-Suricata-Surprises-NSM-Enriched-Alerts

The Hidden Value of Suricata Detection Events: NSM-Enriched IDS Alerts

Mar 30, 2023 Eric Leblond
Threat Hunting, Suricata, Network Security Monitoring, IDS-IPS

If you use Suricata, then you are familiar with the way Suricata generates detection events —...

Read More
Use SELKS to Solve the Unit 42 Wireshark Quiz by Rosita Kyuchukova

Use SELKS to solve the Unit 42 Wireshark Quiz

Mar 16, 2023 Rositsa Kyuchukova
SELKS, Open Source, Threat Hunting, Suricata, IDS-IPS, Stamus Labs, Kibana

This blog describes how to solve the Unit 42 Wireshark quiz for January 2023 with SELKS instead of...

Read More
The Hidden Risks of False Positives: How to Prevent Alert Fatigue in Your Organization

The Hidden Risks of False Positives: How to Prevent Alert Fatigue in Your Organization

Mar 07, 2023 Stamus Networks Team
Network Detection and Response, Stamus Security Platform, IDS-IPS, Declarations of Compromise

Intrusion Detection Systems (IDS) can be powerful threat detection tools, but IDS users frequently...

Read More
Jupyter Playbooks for Suricata Part 2 by Markus Kont

Jupyter Playbooks for Suricata | Part 2

Mar 02, 2023 Markus Kont
Open Source, Suricata, IDS-IPS, Stamus Labs, Jupyter Notebook

This is the second post in a series that will be based on my Suricon 2022 talk Jupyter Playbooks...

Read More
Jupyter Playbooks for Suricata Part 1 by Markus Kont

Jupyter Playbooks for Suricata | Part 1

Feb 16, 2023 Markus Kont
Open Source, Suricata, IDS-IPS, Stamus Labs, Jupyter Notebook

This is the first post in a series that will be based on my Suricon 2022 talk Jupyter Playbooks...

Read More
Harness the Power of Shared Threat Intelligence with MISP by Alexander Nedelchev

Harness the Power of Shared Threat Intelligence with MISP

Feb 03, 2023 Alexander Nedelchev
Open Source, Network Detection and Response, IDS-IPS, Threat intelligence

When it comes to cyber threats, we understand that a threat to one organization can quickly become...

Read More
GopherCap Packet De-duplication by Markus Kont

GopherCap Packet De-duplication

Jan 12, 2023 Markus Kont
Open Source, IDS-IPS, Stamus Labs, GopherCap

A while back I wrote a blog post about a packet filtering subcommand I implemented into GopherCAP....

Read More

Weak Attack Signals Your Legacy IDS Will Miss: Unauthorized User Activity

Dec 02, 2022 Stamus Networks Team
Network Detection and Response, IDS-IPS

When you already know the specific attacks faced by your organization, then the basic detection...

Read More
Weak Attack Signals Your Legacy IDS Will Miss: Anomalous Network Activity by Stamus Networks Team

Weak Attack Signals Your Legacy IDS Will Miss: Anomalous Network Activity

Nov 17, 2022 Stamus Networks Team
Network Detection and Response, IDS-IPS

Intrusion detection systems (IDS) function incredibly well when it comes to making signature based...

Read More
Weak Attack Signals Your Legacy IDS Will Miss: Malware Beacons by Stamus Networks Team

Weak Attack Signals Your Legacy IDS Will Miss: Malware Beacons

Oct 21, 2022 Stamus Networks Team
Network Detection and Response, IDS-IPS

Command-and-control (C2) attacks are bad news for any organization. Attackers use C2 servers to...

Read More
Weak Attack Signals Your IDS Will Miss: Homoglyphs by Stamus Networks Team

Weak Attack Signals Your Legacy IDS Will Miss: Homoglyphs

Oct 14, 2022 Stamus Networks Team
Network Detection and Response, IDS-IPS, Phishing

Intrusion detection systems (IDS) have proven to be a highly effective and commonly used method of...

Read More
GopherCAP Update: Filtering and SMB Lateral Detection Research

GopherCAP Update: PCAP Filtering and SMB Lateral Detection Research

Feb 16, 2022 Markus Kont
Open Source, IDS-IPS, Stamus Labs, GopherCap

Re-Introduction to PCAP Replay and GopherCAP

A while back we introduced GopherCAP, a simple tool...

Read More
Stamus Blog | Introducing Suricata Language Server: Real-time Rule Syntax Checking and Auto-completion

Introducing Suricata Language Server: Real-time Rule Syntax Checking and Auto-completion

Jan 18, 2022 Eric Leblond
Open Source, Suricata, IDS-IPS, Stamus Labs

Writing signatures for Suricata and other intrusion detection systems (IDS) is considered by many...

Read More
Stamus Networks | Suricata to the Log4j Rescue

Suricata to the Log4j Rescue

Dec 22, 2021 Eric Leblond
Suricata, IDS-IPS, CVE

Following the 10-December-2021 announcement of (CVE-2021-44228), Log4shell scanners have begun to...

Read More
IMAGE: 12 Signs it’s Time to Upgrade your Legacy IDS/IPS

12 Signs it’s Time to Upgrade your Legacy IDS/IPS

Nov 23, 2021 D. Mark Durrett
Network Detection and Response, IDS-IPS

So, you are considering migrating your legacy or aging intrusion detection and prevention system...

Read More
IMAGE: Upgrading your IDS/IPS? Answer these 3 Key Questions First.

Upgrading your IDS/IPS? Answer these 3 Key Questions First.

Nov 16, 2021 D. Mark Durrett
Network Detection and Response, IDS-IPS

So, you are considering migrating your legacy or aging intrusion detection and prevention system...

Read More
Stamus Networks | Spin up a Complete Suricata Network Security Platform in Under 2 Minutes

Spin up a Complete Suricata Network Security Platform in Under 2 Minutes

Oct 29, 2021 Alexander Nedelchev
SELKS, Open Source, Suricata, Network Security Monitoring, IDS-IPS, Stamus Labs

Believe it or not, you can launch a turnkey Suricata IDS/IPS/NSM installation – with as few as 4...

Read More
IMAGE: Suricata Myth Busting: Alerts and NSM

Suricata Myth Busting: Alerts and NSM

Oct 14, 2021 Peter Manev
Suricata, Network Security Monitoring, IDS-IPS

As I mentioned in the introductory article in this series (see here >>), Suricata produces not only...

Read More
Stamus Networks | The Other Side of Suricata

The Other Side of Suricata

Oct 06, 2021 Peter Manev
Suricata, Network Security Monitoring, IDS-IPS

You may be surprised to learn that Suricata produces not only IDS alerts but also produces logs of...

Read More
Stamus Networks - More than just another NDR Vendor

Much more than just another NDR Vendor

Jul 01, 2021 Ken Gramley
Network Detection and Response, Suricata, Network Security Monitoring, Stamus Security Platform, IDS-IPS

In cybersecurity as soon as you stand still, you’re falling behind. Change, whether it’s in the...

Read More
Suricata: The First 12 Years of Innovation

Suricata: The First 12 Years of Innovation

Jun 07, 2021 Eric Leblond
Open Source, Suricata, Network Security Monitoring, IDS-IPS

Suricata, the open source intrusion detection (IDS), intrusion prevention (IPS), and network...

Read More
IMAGE: Scaling Suricata in the Enterprise - Leverage Advanced Analytics

Scaling Suricata in the Enterprise - Leverage Advanced Analytics

Dec 15, 2020 Peter Manev
SELKS, Open Source, Suricata, Network Security Monitoring, Stamus Security Platform, IDS-IPS

Background

As we have previously written, for all Suricata’s capabilities, building out an...

Read More
IMAGE: Scaling Suricata in the Enterprise - Consolidate Alerts and Logs

Scaling Suricata in the Enterprise - Consolidate Alerts and Logs

Dec 07, 2020 Peter Manev
SELKS, Open Source, Suricata, Network Security Monitoring, Stamus Security Platform, IDS-IPS

Background

As we have previously written, for all Suricata’s capabilities, building out an...

Read More

Scaling Suricata in the Enterprise - Tuning the Sensors

Nov 30, 2020 Peter Manev
SELKS, Open Source, Suricata, Network Security Monitoring, Stamus Security Platform, IDS-IPS

Background

As we have previously written, for all Suricata’s capabilities, building out an...

Read More

Scaling Suricata in the Enterprise - Centralizing Sensor Management

Nov 23, 2020 Peter Manev
SELKS, Open Source, Suricata, Network Security Monitoring, Stamus Security Platform, IDS-IPS

For all Suricata’s capabilities, building out an enterprise-scale deployment of Suricata with...

Read More
IMAGE: Scaling Suricata in the Enterprise - Optimize Sensor Placement

Scaling Suricata in the Enterprise - Optimize Sensor Placement

Nov 17, 2020 Peter Manev
SELKS, Open Source, Suricata, Network Security Monitoring, Stamus Security Platform, IDS-IPS

As we’ve written before, Suricata is a high-performance network threat detection, IDS, IPS and...

Read More
Introducing GopherCAP: Powerful PCAP Replay

Introducing GopherCAP: Powerful PCAP Replay

Oct 23, 2020 Markus Kont
Open Source, IDS-IPS, Stamus Labs, GopherCap

Historically, we have used tcpreplay with predetermined PPS options for replaying PCAP files. It is...

Read More

Just Released: Suricata 6

Oct 08, 2020 Peter Manev
Open Source, Suricata, Network Security Monitoring, IDS-IPS

Exciting news - the OISF just announced that Suricata 6 is now available. This is the culmination...

Read More
Steve Patton: My First Eight Weeks

From Open Source IDS to Cyber Kill Chain to SOAR – My First Eight Weeks at Stamus Networks

Sep 16, 2020 Steve Patton
Network Detection and Response, Suricata, Stamus Security Platform, IDS-IPS

Stamus Networks? They are the Suricata company aren’t they? And Suricata? It’s an open source IDS...

Read More
Did Network Detection and Response (NDR) kill Network Traffic Analysis (NTA)?

Is Network Traffic Analysis (NTA) dead in an age of Network Detection and Response (NDR)?

Aug 21, 2020 D. Mark Durrett
Network Detection and Response, Threat Hunting, Network Security Monitoring, Stamus Security Platform, IDS-IPS

Organizations seeking to proactively identify and respond to cyber threats in order to mitigate...

Read More

ABOUT STAMUS NETWORKS ™

Stamus Networks believes that cyber defense is bigger than any single person, platform, company, or technology. That’s why we leverage the power of community to deliver the next generation of open and transparent network defense. Trusted by security teams at the world’s most targeted organizations, our flagship offering – Clear NDR™ – empowers cyber defenders to uncover and stop serious threats and unauthorized network activity before they harm their organizations. Clear NDR helps defenders see more clearly and act more confidently through detection they can trust with results they can explain.

Indianapolis, USA Paris, France

Privacy

© 2014-2024 Stamus Networks, Inc. All rights Reserved.