A Live ISO dedicated to Suricata
SELKS is both a Live and installable Network Security Management ISO based on Debian, implementing and focusing on a complete and ready-to-use Suricata IDS/IPS ecosystem with its own graphic rule manager. From start to analysis of IDS/IPS and NSM events in 30 sec. The name comes from its major components:
After starting or installing SELKS, you get a running Suricata intrusion detection and prevention system within an NSM platform, Kibana to analyze alerts and events, and EveBox to correlate flows, archive and comment on events, and provide reporting and pcap download. There is also Scirius to configure and manage the Suricata ruleset.
SELKS is released under the GPLv3 license. Sources, README, issue tracker and wiki are hosted on GitHub. To ask questions or get help, you can use our mailing list. You can thus build your own SELKS ISO or just download the ready-to-use ISOs below. SELKS exists in two flavors, with and without a desktop interface.
SELKS with desktop
SELKS without desktop
Scirius Enterprise marries the power of Suricata to our custom Network Traffic Analyzer and advanced Threat Hunting platform to provide a level of correlated data that is unavailable in a traditional SELKS stack. This correlation of data provides an unprecedented view into your network, best enabling top tier analysts. Contact us for a demo.
Download all releases – Stable, Beta, RC, Older