Security Onion

Security Onion
Security Onion
	A screenshot of the default configuration.
Developer	Security Onion Solutions
OS family	Linux (Unix-like)
Working state	Active
Source model	Open-source
Latest release	2.4.70 / May 29, 2024
Official website	securityonionsolutions.com
Support status
	Active

Security Onion is a free and open Linux distribution for threat hunting, enterprise security monitoring, and log management.^[2] It was developed by Doug Burks in 2008.^[3] Its first release was in 2009.^[4] It was originally based on Xubuntu 10.04.^[5]

Quick Facts Developer, OS family ...

Version 2.4.140 was released on March 24, 2025.^[6]

Security Onion combines various tools and technologies to provide a robust IDS solution, including:

Snort^[7]

Suricata and Zeek (formerly Bro): These are network-based IDS tools that monitor network traffic for suspicious activities.
OSSEC: A host-based IDS that monitors system logs and file integrity.
Elasticsearch, Logstash, and Kibana (ELK stack): These tools are used for log management and analysis, allowing for effective visualization and querying of security events.

[2]

[3]

[4]

[5]

[1]

[6]

[7]

Security Onion

See also

References

Wikiwand - on