
SELKS 7: An Introduction

by Alexander Nedelchev | May 03, 2022 | SELKS, Suricata

In this series, you will get an overview of the SELKS 7 platform, the new updates and functionality included in the recent update, as well as deployment options and practical applications. If you are already familiar with the SELKS IDS/NSM system, skip ahead to SELKS 7: Updated Capabilities to read about all the new features or SELKS 7: Deployment and Application to learn about the practical uses and implementations possible with SELKS 7.

What is SELKS 7?

Stamus Networks is pleased to announce the release of SELKS 7, the latest iteration of the free, open-source, and turn-key Suricata network intrusion detection/protection system (IDS/IPS), network security monitoring (NSM), and threat hunting implementation. Released under the GPLv3 license, the SELKS 7 system is the perfect solution whether it’s for small to medium-sized organizations, the home network defender looking for a capable and effective IDS and NSM system, or security practitioners looking to experiment with Suricata.

SELKS 7 is built on eight key components:

Additionally, SELKS 7 utilizes functionality from Arkime, Evebox, and CyberChef, although those components were included after the “SELKS” acronym was established.

Traffic filters through Suricata into SELKS

Why are we excited about SELKS 7?

SELKS 7 introduces an architectural overhaul which offers numerous new possibilities. Now that the system is based on Docker, it can run on Linux or Microsoft Windows without the overhead of a virtual machine. This makes SELKS 7 faster to deploy and more flexible than it was when running off a virtual machine in previous iterations. For example, you can now download and launch the entire instance in less than 2 minutes.

One of the exciting benefits of the new architecture is the pcap ingest feature. You can now replay pcap files simply by running a script and you can see the result in all the integrated interfaces. Additionally, different files can be ingested and differentiated within those interfaces so you can study multiple cases simultaneously.

With SELKS 7, there is no longer any hassle in experimenting with and testing different software versions: you can now easily pick and choose which specific version of each software component to use with simple command line flags. These new features make SELKS 7 a valuable platform for learning and training, although the possibilities don’t stop there. With new hunting queries, a greater depth of visualization, and an intuitive dashboard, SELKS 7 offers multiple entry points for the discovery and analysis of network traffic.

SELKS 7: A totally free, open-source, Suricata-based powerhouse IDS/NSM

The features listed here are only the tip of the iceberg when it comes to the new updates included in SELKS 7. With these updated capabilities, there are now new features to assist in your network hunting including new dashboards and reporting abilities, integrations, the inclusion of Docker, rulesets and threat intel management, and monitoring. All of these features work together to provide new practical applications that enable the cyber defenders, whether in small to medium businesses or on their home network, to keep their networks protected against any potential threat.

Read more about the new SELKS 7 updates here or download the system for free today.
