Stamus Networks Blog

We believe that sharing information is necessary to improve global security. The purpose of this blog is to share our experiences, perspectives and experiments.

Subscribe to our Blog

Blog /
Showing 66 results
of 66 items.
Reset All

Category

SELKS 10: The Next Big Leap for Open-Source Network Security

Stamus Networks is pleased to announce the release and availability of SELKS 10, the newest version...

The Hidden Claws of APT 35: Charming Kitten

Don’t let the disarming name fool you.Charming Kitten, also known as APT 35, Newscaster Team, Ajax...

Behind the Curtain: Understanding Cozy Bear (APT29)

Cozy Bear — also known as APT29, CozyCar, CozyDuke, and others — is a familiar name to security...

Threat Hunting with Suricata and Newly-Registered Domain Threat Intel (Open NRD)

In aprevious blog post, we announced the release of Open NRD from Stamus Networks - a set of threat...

Behind the Curtain: Understanding Fancy Bear (APT 28)

Operating since 2008, the shadowy figure of Fancy Bear has emerged as a formidable force in the...

A Practical Guide to Small Office / Home Office Network Visibility with SELKS: Part 1 - Equipment Selection

Have you ever counted how many computer devices, smart IoT gadgets, TV’s, kitchen appliances,...

Demystifying the MITRE ATT&CK Framework: Understanding Cyber TTPs

When an organization wants to learn more about the tactics, techniques, and procedures (TTP) used...

Closing a Suricata Supply Chain Attack Vulnerability

On 15-June-2023 the OISF announced a new release of Suricata (6.0.13) which fixes a potential...

Unlocking the Secrets of Forensic Investigations: Solving the SANS Forensic Quiz using SELKS

Are you looking to improve your threat hunting and network based forensic analysis skills with...

Accelerate Suricata Rule Writing with Suricata Language Server v0.9.0

Writing Suricata rules has never been easier or faster since the release of the Suricata Language...

Jupyter Playbooks for Suricata | Part 3

This is the third post in a series based on my Suricon 2022 talk Jupyter Playbooks for Suricata....

Analyzing Network Traffic with Kibana in SELKS: the SN-Hunt-1 Dashboard Part 1

Keeping your network secure can feel like an endless game of cat and mouse. But with SELKS and its...

Use SELKS to solve the Unit 42 Wireshark Quiz

This blog describes how to solve the Unit 42 Wireshark quiz for January 2023 with SELKS instead of...

Jupyter Playbooks for Suricata | Part 2

This is the second post in a series that will be based on my Suricon 2022 talk Jupyter Playbooks...

Detecting Attacks Against CVE-2022-39952 (FortiNAC)

This blog describes the steps Stamus Networks customers may take to determine if any of your...

Jupyter Playbooks for Suricata | Part 1

This is the first post in a series that will be based on my Suricon 2022 talk Jupyter Playbooks...

An Introduction to Cyber Threat Intelligence

Because cybersecurity teams face numerous threats from bad actors that are continually devising new...

Inside SELKS: What's Under the Hood

SELKS is a turnkey Suricata-based IDS/IPS/NSM ecosystem that combines several free, open-source...

Analysis of TLS Cipher Suite Security in Stamus App for Splunk

The latest version (1.0.1) of  the Stamus App for Splunk adds TLS cipher suite analysis. Conducting...

Why We Wrote the Book on Suricata

As we celebrate the first week after launching our new book “The Security Analyst’s Guide to...

NEW! Open Ruleset for Detecting Lateral Movement in Windows Environments with Suricata

Today, we’re announcing a new open-source contribution from Stamus Networks - a Suricata ruleset...

Impact of OpenSSL CVE-2022-3602 and CVE-2022-3786 on SSP and SELKS Users

TL;DR

Stamus Networks uses OpenSSL in the Stamus Security Platform (SSP) as well as our open source

SELKS 7: Deployment and Applications

Perhaps the most exciting thing about the release of SELKS 7 is the various practical applications...

SELKS 7: Newly Updated Capabilities

This series introduces SELKS 7, the latest update to the free, open-source, turn-key Suricata based...

SELKS 7: An Introduction

In this series, you will get an overview of the SELKS 7 platform, the new updates and functionality...

GopherCAP Update: PCAP Filtering and SMB Lateral Detection Research

Re-Introduction to PCAP Replay and GopherCAP

A while back we introduced GopherCAP, a simple tool...

Introducing Suricata Language Server: Real-time Rule Syntax Checking and Auto-completion

Writing signatures for Suricata and other intrusion detection systems (IDS) is considered by many...

Spin up a Complete Suricata Network Security Platform in Under 2 Minutes

Believe it or not, you can launch a turnkey Suricata IDS/IPS/NSM installation – with as few as 4...

SELKS on Docker: A Much More Portable and Agnostic Solution

Here at Stamus Networks, we are strongly committed to open-source and believe that ease of use has...

Introducing GopherCAP: Powerful PCAP Replay

Historically, we have used tcpreplay with predetermined PPS options for replaying PCAP files. It is...

Introducing the Stamus Networks App for Splunk®

This week we announced the new Stamus Networks App for Splunk®. You can read our press release here...

SELKS 6 [The stuck-at-home edition]

SELKS 6 is out!

If you are still teleworking, you may wish to test and deploy this new edition to...

SELKS 5 - The Sorceress

SELKS 5 is out! Thank you to the whole community for your help and feedback! Thank you to all the...

SELKS5 RC1 - Threat Hunting and more...

Hi!Yet another upgrade of our SELKS. We are very thankful to all the great Open Source projects and...

SELKS5 Beta: new hunting interface and FPC

Hey! Our new and upgraded showcase for Suricata has just been released - SELKS5 Beta. Thanks to...

SELKS 4.0

This first edition of SELKS 4 is available from Stamus Networks thanks to a great and helpful...

Suricata 4.0 and why it does matter

Suricata 4.0 is out and this switch from 3.x to 4.x is not marketing driven because the changes are...

SELKS 4 RC1

After a very valuable round of testing and feedback from the community we are pleased to announce...

The third SELKS is out

Yes, we did it: the most awaited SELKS 3.0 is out. This is the first stable release of this new...

Amsterdam 1.0, SELKS and docker

Stamus Networks is proud to announce the availability of version 1.0, nicknamed "glace à la...

Let’s talk about SELKS 3.0RC1

After some hard team work, Stamus Networks is proud to announce the availability of SELKS 3.0RC1.

Amsterdam: SELKS & Docker using Compose

Stamus Networks is proud to announce the availability of the first technology preview of Amsterdam.

Let's talk about SELKS 2.0

Stamus Networks is proud to announce the availability of SELKS 2.0  release.

SELKS 2.0 beta1 based on Debian Jessie

Stamus Networks is proud to announce the availability of SELKS 2.0 BETA1 release. With Jessie...

Let’s talk about SELKS 1.2

Stamus Networks is proud to announce the availability of SELKS 1.2 stable release. SELKS is both...

Conky for SELKS

Conky is a cool, desktop and lightweight monitoring tool. SELKS comes with a ready to use Conky...

Accuracy of Elasticsearch facets

Introduction

Elasticsearch and Kibana are wonderful tools but as all tools you need to know their...

Let’s talk about SELKS 1.1

Stamus Networks is proud to announce the availability of SELKS 1.1 stable release. SELKS is both...

Using Stamus Networks Debian Repositories

Stamus Networks supports its own generic and standard Debian Wheezy 64 bit packaging repositories...

Slides of SELKS lightning talk at hack.lu

After giving a talk about malware detection and suricata, Eric Leblond gave a lightning talk to...

SELKS privacy dashboard

Introduction

SELKS 1.0 is featuring a privacy dashboard. This is a dashboard focusing on HTTP and...

Let's talk about SELKS 1.0

Stamus Networks is proud to announce the availability of SELKS 1.0 stable release. SELKS is both...

SELKS 1.0 RC1 is out

Stamus Networks is proud to announce the availability of SELKS 1.0 RC1. This is the first release...

A Suricata application for Splunk

Thanks to the EVE JSON events and alerts format that appear in Suricata 2.0, it is now easy to...

SELKS 1.0 beta2 is available

Stamus Networks is proud to announce the release of SELKS 1.0 beta2. This is the second public...