
General Questions

 

What is Clear NDR™?

Clear NDR™ is an open and transparent network threat detection and response (NDR) system that empowers defenders with the deep network insights needed to build a more efficient and secure AI-powered autonomous security operations center (SOC).

 

Clear NDR is focused on solving five primary challenges facing security teams today:

  • Detection of and response to attacks that evade other controls
  • Lack of confidence in automated incident response
  • Lack of visibility into the modern hybrid attack surface
  • Missing explainable event context and evidence
  • Alert fatigue caused by the overwhelming volume of security events

 

It can be deployed as a stand-alone NDR solution or integrated into an organization’s AI-driven security operations center, delivering powerful network data that supports even more sophisticated cross-platform threat detection and enterprise-wide automation.

 

Unlike other solutions, Clear NDR uses a tapestry of transparent threat detection and response technologies (including AI, machine learning, advanced heuristics, signatures, and IoC matching) in a highly customizable system, supported by extensive metadata and evidence, that delivers detection you can trust with results you can explain.

 

In summary, Clear NDR delivers:

  • Clear Visibility - monitor activities across your entire attack surface
  • Clear Detection - transparent detections you can understand
  • Clear Evidence - everything you need to quickly resolve the incident
  • Clear Response - the confidence you need to automate your response

 

Developed as an open core solution, it is available in two tiers: the open source “Community” edition (formerly SELKS) and the flagship “Enterprise” edition (formerly Stamus Security Platform).

 

Why did Stamus Networks make changes to the product and the name?

Historically, SELKS and Stamus Security Platform (SSP) were two separate code bases. This initiative consolidates the two code bases into a single open core architecture and consolidates the product names. 

 

The name Clear NDR reflects the product’s core principles of openness, transparency, efficacy, and clarity.

 

What benefits can users expect from this change?

With a single code base to maintain, users can expect to see more innovation and features for both Community and Enterprise editions. Because the Community edition inherits many of the basic features of the Enterprise edition, this will deliver a better experience for open source users. Users who wish to upgrade from the Community to Enterprise edition will soon be able to do so easily and without losing any data.

 

How is Clear NDR related to the Stamus Security Platform?

With the forthcoming release – update 41 (U41) – Stamus Security Platform has been renamed to “Clear NDR - Enterprise.” 

 

How is Clear NDR related to the open source SELKS project? 

As the next-generation open source turnkey Suricata implementation from Stamus Networks, the Clear NDR - Community edition is the successor to SELKS. Stamus Networks has incorporated many lessons learned from the 10 years of SELKS innovation and user feedback into this platform. A free, open-source solution licensed under GPLv3, Clear NDR - Community builds on the legacy of SELKS by retaining all original SELKS features and adding new ones.

Questions about Clear NDR™ - Community

 

Why did you rename SELKS?

Historically, SELKS and Stamus Security Platform (SSP) were two separate code bases. This initiative consolidates the two code bases into a single open core architecture and consolidates the product names. The foundational elements of the new architecture were different enough from the original SELKS (for example, it no longer includes the ELK stack) that we felt it would be misleading to continue referring to it as SELKS. The name Clear NDR reflects the product’s core principles of openness, transparency, efficacy, and clarity.

 

How is it different from SELKS?

Clear NDR - Community is different in several ways from SELKS. First, and perhaps most obviously, it is not based on the ELK stack (ElasticSearch, Logstash, and Kibana). Instead, it replaces those components with OpenSearch and Fluentd. Unlike SELKS, Clear NDR - Community shares the same console user interface as Clear NDR - Enterprise (formerly Stamus Security Platform), and it is the harmonized code base for future releases of Clear NDR - Enterprise. Due to other changes, Clear NDR - Community is substantially easier to install, maintain, and upgrade using a single executable. This harmonization of code bases will support more frequent releases and greater feature parity with the commercial solution.

 

Why would I transition from SELKS to Clear NDR - Community?

SELKS users who wish to be on a more modern and feature-rich platform with the promise of more frequent future innovations should transition to Clear NDR - Community.

 

Does Clear NDR include additional functionality over SELKS?

Yes. With this initial release of Clear NDR - Community, users will see several changes: 

  • Installation and maintenance are much simpler 
  • There is an updated user interface which delivers more of the functionality our commercial customers were enjoying. This includes features such as customizable contextual deep linking into third party systems and resources to simplify and accelerate incident response. 
  • The responsiveness of the user interface has been substantially improved due to the incorporation of an asynchronous task handler that makes processing more efficient.

Are there features in SELKS that are NOT available in Clear NDR - Community?

No. Clear NDR - Community inherits all the existing capabilities of SELKS and adds those described above.

 

How can I move my SELKS data over to Clear NDR - Community?

Users wishing to migrate their SELKS data from ElasticSearch should consult the OpenSearch documentation here: https://opensearch.org/docs/latest/migration-assistant/getting-started-data-migration/

 

What happens to the custom dashboards I built using Kibana?

Depending on which of the Elasticsearch features have been deployed, users should be able to import those dashboards directly into OpenSearch. 

 

Does Clear NDR - Community still include Arkime, Evebox, and Cyberchef?

Yes, Clear NDR - Community does still include those tools.

 

Will SELKS be decommissioned? If so, when?

As of January 1, 2025, Stamus Networks will no longer actively enhance SELKS. The Stamus Networks team will respond to questions and inquiries via Discord for the foreseeable future, and the SELKS community is fairly active on Discord. In addition, the GitHub repository will remain in place, and users are welcome to use the assets as long as the usage complies with the terms of the GPL 3 license.

 

Will there be any future releases of SELKS?

As of January 1, 2025, there are no planned releases of SELKS. It is possible that Stamus Networks will respond to bug fix requests or pull requests from the community after that point, but the company will evaluate each request on an individual basis.


Is there a version of Clear NDR - Community that scales to more than one probe with central management?

No. The Clear NDR - Community edition is designed as an all-in-one solution with the probe and the analytics functions integrated into one system. Support for more than one probe requires an upgrade to the Clear NDR - Enterprise edition. Please contact Stamus Networks for more information.

Transition from SSP to Clear NDR - Enterprise

 

Why did you rename Stamus Security Platform?

Historically, SELKS and Stamus Security Platform (SSP) were two separate code bases. This initiative consolidates the two code bases into a single open core architecture and consolidates the product names. The name Clear NDR reflects the product’s core principles of openness, transparency, efficacy, and clarity. With a single code base to maintain, users can expect to see more innovation and features for both Community and Enterprise editions. 

 

Are there any major changes to the capabilities of SSP? 

With the forthcoming release – update 41 (U41) – Stamus Security Platform has been renamed to “Clear NDR - Enterprise.” The U41 release is primarily focused on updates to the operating system and other non-feature related improvements. Beginning in early 2024, the...

 

Did you also rename the Stamus Central Server and Stamus Network Probe components?

Yes. The Stamus Central Server is now called “Clear NDR Central Server” and the Stamus Network Probe is now called “Clear NDR Probe”. 

Comparing Clear NDR Enterprise to Community
