Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
jertel
commented
4 days ago
Currently (2.4.100) analysts can modify YARA and Sigma rules, but when attempting to modify a Suricata rule a 401 error is returned.