[New post] Security Onion – Free Platform for Network Security
Security Onion is a free Linux-based distro used for network security. It is built on top of the Xubuntu Long-term Support (LTS) distro. It is also used for log management and threat hunting. Many open-source tools, such as Suricata (Intrusion Detection System, IDS) and Snort (open-source Intrusion Prevention System, IPS), are bundled with Security Onion. This blog provides a brief introduction to Security Onion, covering download, installation, and the tools available in the OS.
Download and Installation
You can download Security Onion using the link below:
After downloading, you can install the operating system on a virtual machine. If you are a new user, select Evaluation Mode, which enables most things automatically.
How can we use Security Onion to secure Infrastructure?
Security Onion can be deployed with firewalls, servers, and other IT devices. Later, it is configured to consume logs and provide alerts in case of any suspicious activity.
Tools Available in Security Onion
There are many open-source tools available in the operating system that help to detect and mitigate network attacks.
Security Onion Console - When you log in to the operating system, this is the first thing you encounter. As the name suggests, it provides a console interface for management and also presents alerts from different tools such as Suricata, Wazuh, Hunt, Zeek, etc.
Kibana - A tool created by Elastic, used to analyze the different types of logs and alerts generated by the various open-source tools.
CyberChef - An analysis tool used to analyze and decode data for advanced data analysis.
Playbook - A web application that helps in creating a security detection strategy.
TheHive - A case management interface that receives logs from Hunt, Kibana, etc.
Conclusion
Security Onion is a versatile Linux-based distro that can be deployed in different architectures. It provides a single solution for full packet capture, threat hunting, log analysis, metadata analysis, etc. This helps administrators manage security issues in a network easily.