Security Onion

Security Onion

A screenshot of the default configuration.
Developer	Security Onion Solutions
OS family	Linux (Unix-like)
Working state	Active
Source model	Open-source
Latest release	2.4.70 [1] / May 29, 2024
Official website	securityonionsolutions.com
Support status
Active

Security Onion is a free and open Linux distribution for threat hunting, enterprise security monitoring, and log management. ^[2] It was developed by Doug Burks in 2008. ^[3] Its first release was in 2009. ^[4] It was originally based on Xubuntu 10.04. ^[5]

Version 2.4.140 was released on March 24, 2025. ^[6]

Security Onion combines various tools and technologies to provide a robust IDS solution, including:

• Snort ^[7]

• Suricata and Zeek (formerly Bro): These are network-based IDS tools that monitor network traffic for suspicious activities.
• OSSEC: A host-based IDS that monitors system logs and file integrity.
• Elasticsearch, Logstash, and Kibana (ELK stack): These tools are used for log management and analysis, allowing for effective visualization and querying of security events.

See also

• Snort

References

1. "Releases · Security-Onion-Solutions/Securityonion". GitHub.
2. "Security Onion | CISA". www.cisa.gov. Retrieved 2024-06-12.
3. Anson, Steve (2020). Applied incident response. Indianapolis: John Wiley and Sons. ISBN   978-1-119-56026-5.
4. "Security Onion Solutions". securityonionsolutions.com. Retrieved 2024-06-12.
5. Grant, Nicholas (2014). Unified communications forensics: anatomy of common UC attacks. Joseph Shaw. Waltham, MA: Syngress. ISBN   978-0-12-404605-4.
6. Kaaviya (2025-03-25). "Security Onion 24.10 Released - What's New". Cyber Security News. Retrieved 2025-04-23.
7. Ackerman, Pascal (2021). Industrial Cybersecurity (2nd ed.). Packt Publishing. ISBN   978-1-80020-582-6.