
SELKS is now Clear NDR - Community

As the next generation open source turnkey Suricata implementation from Stamus Networks, the Clear NDR - Community edition is the successor to SELKS. We incorporated many lessons learned from the 10 years of SELKS innovation and user feedback into this platform.

 

Wondering why we made the change from SELKS to Clear NDR? Check out the FAQ here >>


Released under the GPL 3.0-or-later license, the distribution is available either via Docker Compose on any Linux operating system or as an installable Debian-based ISO (coming soon).

 

Clear NDR - Community packages a turnkey set of open source components:

Follow the links below to read more about the key open source components incorporated in Clear NDR - Community:

  • Suricata: high performance, Open Source network analysis and threat detection software
  • Fluentd: Open Source Data Collector
  • OpenSearch: Open Source, enterprise-grade search and observability suite
  • Evebox: Suricata alert and event management tool
  • Arkime: Network analysis & packet capture
  • Scirius: This Suricata hunting and ruleset management interface - developed by Stamus Networks - manages multiple Suricata rulesets and threat intelligence sources

NOTE: All of the above components are pulled and installed using a single Go binary called StamusCtl. Instructions can be found on the documentation site here >>

 

Read Online Docs for Clear NDR - Community

Scirius - The Clear NDR User Interface

The Clear NDR - Community user interface (also known as Scirius) is the Stamus Networks open-source application that brings all these components together. It provides the web interface for the entire system, giving you the ability to:

 


  • Manage multiple Suricata rulesets and threat intelligence sources 
  • Upload and manage custom Suricata rules and IoC data files 
  • Hunt for threats using predefined filters and enhanced contextual views
  • Apply thresholding and suppression to limit verbosity of noisy alerts
  • View Suricata performance statistics and information about Suricata rule activity
  • Apply EveBox, Cyberchef and OpenSearch dashboards to the Suricata NSM and alert data

Who is Clear NDR - Community for?

For many small-to-medium sized organizations, Clear NDR - Community can be a suitable production-grade network security monitoring (NSM) and intrusion detection (IDS) solution.

And because all the data available in Clear NDR - Community is generated by the Suricata engine, Clear NDR - Community is widely used by network security practitioners, researchers, educators, students, and hobbyists to explore what is possible with Suricata IDS/IPS/NSM and the network protocol monitoring logs and alerts it produces. 

 

For enterprise scale applications, please review our commercial solution, Clear NDR - Enterprise, described below.

Download Clear NDR™ - Community

Docker Compose Installation

Use stamusctl to install Clear NDR - Community in any Linux environment with Docker installed. Get set up in only a few minutes.

 

Get Clear NDR - Community on Docker

Complete Image with Desktop (coming soon)

Use the image with Desktop when you want a turnkey installation that includes the Debian x64 12 (Bookworm) Linux desktop environment. Can be deployed on bare metal hardware or VM.

Complete Image without Desktop (coming soon)

Use the image without Desktop when you want a turnkey Clear NDR - Community installation in a headless environment (based on Debian x64 12 Bookworm). Can be deployed on bare metal hardware or VM.

Report Issues and Get Clear NDR - Community Support

To access README documentation, issues tracker and the Clear NDR - Community components, please visit our GitHub pages here:

 

  • Stamusctl (the binary used to create an instance of Clear NDR - Community)
  • Stamusctl Templates (Recipes used by stamusctl to create Clear NDR instances)
  • Scirius (the User Interface console used in Clear NDR - Community)

 

Visit the documentation site for complete installation instructions, here >>

 


To ask questions or ask for help, join our Discord server here >>

 

What About Enterprise Scale Deployments?

While Clear NDR - Community is a great system to test out the power of Suricata for intrusion detection and threat hunting, it was never designed to be deployed in an enterprise setting. For enterprise applications, please review our commercial solution, Clear NDR - Enterprise (formerly Stamus Security Platform).

To learn more about the differences between Clear NDR - Community and our commercial solutions, download the white paper, Understanding SELKS and Stamus Commercial Platform. 

 

Download the White Paper Now


Clear NDR - Comparing Enterprise and Community Editions


 

Additional Resources

  • Tech Brief: Supercharge Suricata Sensors with Stamus Security Platform
  • White Paper: Scaling Suricata for Enterprise Deployment
  • Blog: Spin up Suricata in 10 Minutes