Stamus Networks believes in the innovative power and flexibility that Open Source Software possesses. It also offers independence and great adaptability, both critical when building security products you can trust. But taking from the community is not enough if you want more common good to emerge. This is why Stamus Networks does its best to contribute back to the Open Source idea. The main part of our contribution back to Open Source is our two projects: SELKS, a live and installable ISO implementing a ready-to-use Suricata IDS/IPS, and Scirius Community Edition, a web interface dedicated to Suricata ruleset management.
SELKS is both a live and installable Network Security Management ISO based on Debian, implementing and focusing on a complete and ready-to-use Suricata IDS/IPS ecosystem with its own graphic rule manager. It takes you from start to analysis of IDS/IPS and NSM events in 30 seconds. The name comes from its major components:
After starting or installing SELKS, you get a running Suricata intrusion detection and prevention system within an NSM platform, Kibana to analyze alerts and events, and EveBox to correlate flows, archive and comment on events, and provide reporting and pcap download. There is also Scirius to configure and manage the Suricata ruleset.
SELKS is released under the GPLv3 license. Sources, README, issue tracker and wiki are hosted on GitHub. To ask any questions or get help, you can use our mailing list. You can thus build your own SELKS ISO or just download the ready-to-use ISOs below. SELKS exists in two flavors: with and without a desktop interface.
Scirius Enterprise marries the power of Suricata to our custom Network Traffic Analyzer and advanced Threat Hunting platform to provide a level of correlated data that is unavailable in a traditional SELKS stack. This correlation of data provides an unprecedented view into your network, best enabling top-tier analysts. Contact us for a demo.
Scirius Community Edition is a web interface dedicated to Suricata ruleset management. It manages the rule files and categories. Sources for the ruleset can be local (uploaded files) or remote (an archive accessible via HTTP or HTTPS, like the Emerging Threats Open/PRO ruleset).
Scirius Community Edition is an application written in Django.