
Stamus Networks Blog

We believe that sharing information is necessary to improve global security. The purpose of this blog is to share our experiences, perspectives and experiments.

Suricata Threat Hunting Fundamentals

Before beginning any sort of threat hunt, it is important to consider the tools you are using. This...

Threat Hunting with Suricata and Newly-Registered Domain Threat Intel (Open NRD)

In a previous blog post, we announced the release of Open NRD from Stamus Networks - a set of threat...

Malware PCAP Analysis Made Easy Part 4

In a previous blog post, we compiled a number of useful JQ command routines for fast malware PCAP...

Malware PCAP Analysis Made Easy Part 2

In a previous blog post, we compiled a number of useful JQ command routines for fast malware PCAP...

Malware PCAP Analysis Made Easy

When a threat researcher is investigating malware behavior and traces on the network, they need a...

Creating Kibana Visualizations with SELKS

Visualizing network security logs or data is a crucial aspect of effectively analyzing and...

A Practical Guide to Small Office / Home Office Network Visibility with SELKS: Part 1 - Equipment Selection

Have you ever counted how many computer devices, smart IoT gadgets, TV’s, kitchen appliances,...

Just Released: Suricata 7

Yesterday (18-July-2023) the OISF announced the general availability of Suricata version 7. It’s...

Unlocking the Secrets of Forensic Investigations: Solving the SANS Forensic Quiz using SELKS

Are you looking to improve your threat hunting and network based forensic analysis skills with...

Accelerate Suricata Rule Writing with Suricata Language Server v0.9.0

Writing Suricata rules has never been easier or faster since the release of the Suricata Language...

Jupyter Playbooks for Suricata | Part 3

This is the third post in a series based on my Suricon 2022 talk Jupyter Playbooks for Suricata....

Analyzing Network Traffic with Kibana in SELKS: the SN-Hunt-1 Dashboard Part 1

Keeping your network secure can feel like an endless game of cat and mouse. But with SELKS and its...

Use SELKS to solve the Unit 42 Wireshark Quiz

This blog describes how to solve the Unit 42 Wireshark quiz for January 2023 with SELKS instead of...

Jupyter Playbooks for Suricata | Part 2

This is the second post in a series that will be based on my Suricon 2022 talk Jupyter Playbooks...

Jupyter Playbooks for Suricata | Part 1

This is the first post in a series that will be based on my Suricon 2022 talk Jupyter Playbooks...

Harness the Power of Shared Threat Intelligence with MISP

When it comes to cyber threats, we understand that a threat to one organization can quickly become...

Inside SELKS: What's Under the Hood

SELKS is a turnkey Suricata-based IDS/IPS/NSM ecosystem that combines several free, open-source...

Analysis of TLS Cipher Suite Security in Stamus App for Splunk

The latest version (1.0.1) of the Stamus App for Splunk adds TLS cipher suite analysis. Conducting...

Why We Wrote the Book on Suricata

As we celebrate the first week after launching our new book “The Security Analyst’s Guide to...

NEW! Open Ruleset for Detecting Lateral Movement in Windows Environments with Suricata

Today, we’re announcing a new open-source contribution from Stamus Networks - a Suricata ruleset...

Embrace Open Interfaces and Open Source

When the leadership team at Stamus Networks got together to capture the core principles of our...

SELKS 7: Deployment and Applications

Perhaps the most exciting thing about the release of SELKS 7 is the various practical applications...

SELKS 7: Newly Updated Capabilities

This series introduces SELKS 7, the latest update to the free, open-source, turn-key Suricata based...

SELKS 7: An Introduction

In this series, you will get an overview of the SELKS 7 platform, the new updates and functionality...

GopherCAP Update: PCAP Filtering and SMB Lateral Detection Research

Re-Introduction to PCAP Replay and GopherCAP

A while back we introduced GopherCAP, a simple tool...

Introducing Suricata Language Server: Real-time Rule Syntax Checking and Auto-completion

Writing signatures for Suricata and other intrusion detection systems (IDS) is considered by many...

Intrusion Analysis and Threat Hunting with Open Source Tools @ FloCon 2022

In its early years, FloCon was an academic conference focused exclusively on network flow data but...

Spin up a Complete Suricata Network Security Platform in Under 2 Minutes

Believe it or not, you can launch a turnkey Suricata IDS/IPS/NSM installation – with as few as 4...

Troopers Training: Intrusion Analysis and Threat Hunting with Open Source Tools

The importance of having a strong security team has been growing in recent years, and many...

SELKS on Docker: A Much More Portable and Agnostic Solution

Here at Stamus Networks, we are strongly committed to open-source and believe that ease of use has...

Suricata: The First 12 Years of Innovation

Suricata, the open source intrusion detection (IDS), intrusion prevention (IPS), and network...

Scaling Suricata in the Enterprise - Leverage Advanced Analytics

Background

As we have previously written, for all Suricata’s capabilities, building out an...

Scaling Suricata in the Enterprise - Consolidate Alerts and Logs

Background

As we have previously written, for all Suricata’s capabilities, building out an...

Scaling Suricata in the Enterprise - Tuning the Sensors

Background

As we have previously written, for all Suricata’s capabilities, building out an...

Scaling Suricata in the Enterprise - Centralizing Sensor Management

For all Suricata’s capabilities, building out an enterprise-scale deployment of Suricata with...

Scaling Suricata in the Enterprise - Optimize Sensor Placement

As we’ve written before, Suricata is a high-performance network threat detection, IDS, IPS and...

Introducing GopherCAP: Powerful PCAP Replay

Historically, we have used tcpreplay with predetermined PPS options for replaying PCAP files. It is...

Introducing the Stamus Networks App for Splunk®

This week we announced the new Stamus Networks App for Splunk®. You can read our press release here...

Just Released: Suricata 6

Exciting news - the OISF just announced that Suricata 6 is now available. This is the culmination...

SELKS 6 [The stuck-at-home edition]

SELKS 6 is out!

If you are still teleworking, you may wish to test and deploy this new edition to...

SELKS 5 - The Sorceress

SELKS 5 is out! Thank you to the whole community for your help and feedback! Thank you to all the...

SELKS5 RC1 - Threat Hunting and more...

Hi! Yet another upgrade of our SELKS. We are very thankful to all the great Open Source projects and...

SELKS5 Beta: new hunting interface and FPC

Hey! Our new and upgraded showcase for Suricata has just been released - SELKS5 Beta. Thanks to...

Scirius 2.0 is here to get your Suricata easier, faster, stronger

Stamus Networks is proud to announce the availability of Scirius Community Edition 2.0. This is the...

SELKS 4.0

This first edition of SELKS 4 is available from Stamus Networks thanks to a great and helpful...

Suricata 4.0 and why it does matter

Suricata 4.0 is out and this switch from 3.x to 4.x is not marketing driven because the changes are...

SELKS 4 RC1

After a very valuable round of testing and feedback from the community we are pleased to announce...

Scirius CE 1.2.0 is for IPS and collaboration

Stamus Networks is proud to announce the availability of Scirius 1.2.0. This release of our...

The third SELKS is out

Yes, we did it: the most awaited SELKS 3.0 is out. This is the first stable release of this new...

Amsterdam 1.0, SELKS and docker

Stamus Networks is proud to announce the availability of version 1.0, nicknamed "glace à la...

Let’s talk about SELKS 3.0RC1

After some hard team work, Stamus Networks is proud to announce the availability of SELKS 3.0RC1.

Scirius 1.1.6 brings new key features

Stamus Networks is proud to announce the availability of Scirius 1.1.6. This new release brings...

Amsterdam: SELKS & Docker using Compose

Stamus Networks is proud to announce the availability of the first technology preview of Amsterdam.

Version 1.1 brings Scirius to a new level

Stamus Networks team is proud to announce the availability of Scirius 1.1. This new release brings...

Let's talk about SELKS 2.0

Stamus Networks is proud to announce the availability of the SELKS 2.0 release.

Scirius 1.0 is out

Stamus Networks is proud to announce the availability of Scirius 1.0. This is the first stable...

Scirius-1.0rc3

Stamus Networks is proud to announce the availability of the third release candidate of Scirius...

SELKS 2.0 beta1 based on Debian Jessie

Stamus Networks is proud to announce the availability of SELKS 2.0 BETA1 release. With Jessie...

Run your own Suricata QA

Some words about PRscript

PRscript is a script that runs a series of builds and tests on a given...

Let’s talk about SELKS 1.2

Stamus Networks is proud to announce the availability of SELKS 1.2 stable release. SELKS is both...

Scirius-1.0rc2

Stamus Networks is proud to announce the availability of the second release candidate of Scirius...

Scirius 1.0-rc1

Stamus Networks is proud to announce the availability of version 1.0-rc1 of Scirius, our web...

Conky for SELKS

Conky is a cool, lightweight desktop monitoring tool. SELKS comes with a ready-to-use Conky...

Accuracy of Elasticsearch facets

Introduction

Elasticsearch and Kibana are wonderful tools but as all tools you need to know their...

Let’s talk about SELKS 1.1

Stamus Networks is proud to announce the availability of SELKS 1.1 stable release. SELKS is both...

Scirius 1.0-beta1

Stamus Networks is proud to announce the availability of version 1.0-beta1 of Scirius, our web...

Using Stamus Networks Debian Repositories

Stamus Networks supports its own generic and standard Debian Wheezy 64 bit packaging repositories...

Slides of SELKS lightning talk at hack.lu

After giving a talk about malware detection and suricata, Eric Leblond gave a lightning talk to...

SELKS privacy dashboard

Introduction

SELKS 1.0 is featuring a privacy dashboard. This is a dashboard focusing on HTTP and...

Let's talk about SELKS 1.0

Stamus Networks is proud to announce the availability of SELKS 1.0 stable release. SELKS is both...

SELKS 1.0 RC1 is out

Stamus Networks is proud to announce the availability of SELKS 1.0 RC1. This is the first release...

Scirius v0.8

Stamus Networks is proud to announce the availability of the version 0.8 of Scirius, the web...

A Suricata application for Splunk

Thanks to the EVE JSON events and alerts format that appear in Suricata 2.0, it is now easy to...

SELKS 1.0 beta2 is available

Stamus Networks is proud to announce the release of SELKS 1.0 beta2. This is the second public...

Scirius on Ubuntu LTS

The Ubuntu used in this tutorial:

Announcing Scirius v0.3

Stamus Networks is proud to announce the release 0.3 of Scirius, our web interface for Suricata...

Announcing Scirius v0.1

Stamus Networks is proud to announce the first release of Scirius, its Suricata ruleset web...