From a3690ffa8a47b80bba6dd10134671577018d6169 Mon Sep 17 00:00:00 2001 From: Concourse Date: Thu, 31 Oct 2024 00:02:47 +0000 Subject: [PATCH] Auto-publish website --- 200.html | 2 +- 404.html | 2 +- _nuxt/builds/latest.json | 2 +- _nuxt/builds/meta/48f5b004-c228-44ed-b4ee-836fbece629f.json | 1 - _nuxt/builds/meta/e59cf81e-1871-4c64-9da0-6dcc2fc11b52.json | 1 + _payload.json | 2 +- brand/_payload.json | 2 +- brand/index.html | 6 +++--- certification/_payload.json | 2 +- certification/index.html | 6 +++--- cla/_payload.json | 2 +- cla/index.html | 6 +++--- conference/_payload.json | 2 +- conference/index.html | 6 +++--- contact_us/_payload.json | 2 +- contact_us/index.html | 6 +++--- education/_payload.json | 2 +- education/index.html | 6 +++--- hardware/_payload.json | 2 +- hardware/index.html | 6 +++--- index.html | 6 +++--- license/_payload.json | 2 +- license/index.html | 6 +++--- privacy/_payload.json | 2 +- privacy/index.html | 6 +++--- pro/_payload.json | 2 +- pro/index.html | 6 +++--- software/_payload.json | 2 +- software/index.html | 6 +++--- support/_payload.json | 2 +- support/index.html | 6 +++--- terms/_payload.json | 2 +- terms/index.html | 6 +++--- thank_you/_payload.json | 2 +- thank_you/index.html | 6 +++--- training/_payload.json | 2 +- training/index.html | 6 +++--- 37 files changed, 68 insertions(+), 68 deletions(-) delete mode 100644 _nuxt/builds/meta/48f5b004-c228-44ed-b4ee-836fbece629f.json create mode 100644 _nuxt/builds/meta/e59cf81e-1871-4c64-9da0-6dcc2fc11b52.json diff --git a/200.html b/200.html index 54bcbe04f..0846c911a 100644 --- a/200.html +++ b/200.html @@ -9,4 +9,4 @@
- \ No newline at end of file + \ No newline at end of file diff --git a/404.html b/404.html index 54bcbe04f..0846c911a 100644 --- a/404.html +++ b/404.html @@ -9,4 +9,4 @@
- \ No newline at end of file + \ No newline at end of file diff --git a/_nuxt/builds/latest.json b/_nuxt/builds/latest.json index b64ba473b..d8661b5ef 100644 --- a/_nuxt/builds/latest.json +++ b/_nuxt/builds/latest.json @@ -1 +1 @@ -{"id":"48f5b004-c228-44ed-b4ee-836fbece629f","timestamp":1730246585019} \ No newline at end of file +{"id":"e59cf81e-1871-4c64-9da0-6dcc2fc11b52","timestamp":1730332929588} \ No newline at end of file diff --git a/_nuxt/builds/meta/48f5b004-c228-44ed-b4ee-836fbece629f.json b/_nuxt/builds/meta/48f5b004-c228-44ed-b4ee-836fbece629f.json deleted file mode 100644 index 613fe98b1..000000000 --- a/_nuxt/builds/meta/48f5b004-c228-44ed-b4ee-836fbece629f.json +++ /dev/null @@ -1 +0,0 @@ -{"id":"48f5b004-c228-44ed-b4ee-836fbece629f","timestamp":1730246585019,"matcher":{"static":{},"wildcard":{},"dynamic":{}},"prerendered":["/","/contact_us","/education","/license","/privacy","/cla","/brand","/terms","/conference","/thank_you","/hardware","/support","/training","/certification","/software","/pro"]} \ No newline at end of file diff --git a/_nuxt/builds/meta/e59cf81e-1871-4c64-9da0-6dcc2fc11b52.json b/_nuxt/builds/meta/e59cf81e-1871-4c64-9da0-6dcc2fc11b52.json new file mode 100644 index 000000000..0576e6c1e --- /dev/null +++ b/_nuxt/builds/meta/e59cf81e-1871-4c64-9da0-6dcc2fc11b52.json @@ -0,0 +1 @@ +{"id":"e59cf81e-1871-4c64-9da0-6dcc2fc11b52","timestamp":1730332929588,"matcher":{"static":{},"wildcard":{},"dynamic":{}},"prerendered":["/","/contact_us","/education","/privacy","/cla","/license","/brand","/terms","/conference","/thank_you","/certification","/hardware","/training","/support","/software","/pro"]} \ No newline at end of file diff --git a/_payload.json b/_payload.json index 1d1244c41..0bdd3fdf8 100644 --- a/_payload.json +++ b/_payload.json 
@@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246618566] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332962929] \ No newline at end of file diff --git a/brand/_payload.json b/brand/_payload.json index 8af04291e..bef39f1f3 100644 --- a/brand/_payload.json +++ b/brand/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619198] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963555] \ No newline at end of file diff --git a/brand/index.html b/brand/index.html index d60fb8ca5..4bb0a861a 100644 --- a/brand/index.html +++ b/brand/index.html @@ -9,7 +9,7 @@ - + @@ -30,5 +30,5 @@
Security Onion Solutions
Brand Guidelines
Word Marks, Logos, and Usage Restrictions
Overview
Word Marks
Both "Security Onion" and "Security Onion Solutions" are registered ® trademarks and service marks, respectively, of Security Onion Solutions, LLC. Usage of these word marks is prohibited without written authorization from an officer of Security Onion Solutions, LLC.
Logos
The Security Onion and Security Onion Solutions Logos are registered ® trademarks of Security Onion Solutions, LLC and may only be used when written consent is provided by an officer of Security Onion Solutions, LLC. Usage must adhere to the guidelines posted on this page.
Logos
Use of the following logos is bound by the terms described on this page. When authorization is granted, usage must abide by the following guidelines:
  1. The logo must be clearly visible on all common media displays and printed material.
  2. The logo must be separated from all other nearby content or markings with at least 25% of whitespace relative to the height of the logo itself.
  3. The logo must be sized such that it is not diminished relative to other logos appearing on the same media.
  4. Colors of the logos must not be altered.
  5. Logos may only be presented on all white (#FFFFF) or all black backgrounds (#000000) unless a specific exception is granted via written consent.

Security Onion Logo (Abbreviated)
Light (.png | .svg)
Dark (.png | .svg)

Security Onion Logo (Extended)
Light (.png | .svg)
Dark (.png | .svg)

Security Onion Solutions Logo (Abbreviated)
Light (.png | .svg)
Dark (.png | .svg)

Security Onion Solutions Logo (Extended)
Light (.png | .svg)
Dark (.png | .svg)
Contact us for more information on branding requirements.
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Brand Guidelines
Word Marks, Logos, and Usage Restrictions
Overview
Word Marks
Both "Security Onion" and "Security Onion Solutions" are registered ® trademarks and service marks, respectively, of Security Onion Solutions, LLC. Usage of these word marks is prohibited without written authorization from an officer of Security Onion Solutions, LLC.
Logos
The Security Onion and Security Onion Solutions Logos are registered ® trademarks of Security Onion Solutions, LLC and may only be used when written consent is provided by an officer of Security Onion Solutions, LLC. Usage must adhere to the guidelines posted on this page.
Logos
Use of the following logos is bound by the terms described on this page. When authorization is granted, usage must abide by the following guidelines:
  1. The logo must be clearly visible on all common media displays and printed material.
  2. The logo must be separated from all other nearby content or markings with at least 25% of whitespace relative to the height of the logo itself.
  3. The logo must be sized such that it is not diminished relative to other logos appearing on the same media.
  4. Colors of the logos must not be altered.
  5. Logos may only be presented on all white (#FFFFF) or all black backgrounds (#000000) unless a specific exception is granted via written consent.

Security Onion Logo (Abbreviated)
Light (.png | .svg)
Dark (.png | .svg)

Security Onion Logo (Extended)
Light (.png | .svg)
Dark (.png | .svg)

Security Onion Solutions Logo (Abbreviated)
Light (.png | .svg)
Dark (.png | .svg)

Security Onion Solutions Logo (Extended)
Light (.png | .svg)
Dark (.png | .svg)
Contact us for more information on branding requirements.
+ \ No newline at end of file diff --git a/certification/_payload.json b/certification/_payload.json index 4cdb3b75b..52f63ad9d 100644 --- a/certification/_payload.json +++ b/certification/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619167] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963538] \ No newline at end of file diff --git a/certification/index.html b/certification/index.html index f81e0ae6c..e3ab4278c 100644 --- a/certification/index.html +++ b/certification/index.html @@ -10,7 +10,7 @@ - + @@ -30,5 +30,5 @@
Security Onion Solutions
Security Onion
Certified Professional
(SOCP)
Available Now!
The SOCP exam validates that you have the knowledge and skills to properly investigate alerts, hunt for adversaries, and manage your Security Onion 2 grid.
This exam tests your knowledge in the following five domains:
Design and Architecture
Strategies for properly designing and installing a Security Onion 2 grid.
Grid Management
Procedures required in administering and maintaining a Security Onion 2 grid.
Grid Monitoring and Troubleshooting
Knowledge on how to properly monitor and identify potential issues in a Security Onion 2 grid.
Grid Tuning
Tactics to ensure a Security Onion 2 sensor grid is running efficiently.
Analyst Tools
Tools and techniques needed to properly investigate alerts and hunt for adversaries using Security Onion 2.
SOCP Exam
  • Cost: $199
  • Certification validity: 3 years
  • Length: 50 questions
    120 minutes
  • Retake wait time: None
Authorized Materials
The SOCP exam is in an open book format.

The following are all authorized material for the exam:
  • Security Onion Documentation Paperback book (Available online here)
  • Course material for any Security Onion Solutions instructor-led training
  • Notes (handwritten or typed)
Reference materials having the appearance of exam questions and answers are strictly prohibited.
Have questions about the SOCP?
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Security Onion
Certified Professional
(SOCP)
Available Now!
The SOCP exam validates that you have the knowledge and skills to properly investigate alerts, hunt for adversaries, and manage your Security Onion 2 grid.
This exam tests your knowledge in the following five domains:
Design and Architecture
Strategies for properly designing and installing a Security Onion 2 grid.
Grid Management
Procedures required in administering and maintaining a Security Onion 2 grid.
Grid Monitoring and Troubleshooting
Knowledge on how to properly monitor and identify potential issues in a Security Onion 2 grid.
Grid Tuning
Tactics to ensure a Security Onion 2 sensor grid is running efficiently.
Analyst Tools
Tools and techniques needed to properly investigate alerts and hunt for adversaries using Security Onion 2.
SOCP Exam
  • Cost: $199
  • Certification validity: 3 years
  • Length: 50 questions
    120 minutes
  • Retake wait time: None
Authorized Materials
The SOCP exam is in an open book format.

The following are all authorized material for the exam:
  • Security Onion Documentation Paperback book (Available online here)
  • Course material for any Security Onion Solutions instructor-led training
  • Notes (handwritten or typed)
Reference materials having the appearance of exam questions and answers are strictly prohibited.
Have questions about the SOCP?
+ \ No newline at end of file diff --git a/cla/_payload.json b/cla/_payload.json index 28e500a92..6c9e62765 100644 --- a/cla/_payload.json +++ b/cla/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619204] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963557] \ No newline at end of file diff --git a/cla/index.html b/cla/index.html index b51715d1e..a10ce2dd3 100644 --- a/cla/index.html +++ b/cla/index.html @@ -9,7 +9,7 @@ - + @@ -48,5 +48,5 @@ 7. Should You wish to submit work that is not Your original creation, You may submit it to SOS separately from any Contribution, identifying the complete details of its source and of any license or other restriction (including, but not limited to, related patents, trademarks, and license agreements) of which you are personally aware, and conspicuously marking the work as "Submitted on behalf of a third-party: [named here]". 8. You agree to notify SOS of any facts or circumstances of which you become aware that would make these representations inaccurate in any respect. -
- \ No newline at end of file +
+ \ No newline at end of file diff --git a/conference/_payload.json b/conference/_payload.json index 969bd132b..5565458e3 100644 --- a/conference/_payload.json +++ b/conference/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619180] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963545] \ No newline at end of file diff --git a/conference/index.html b/conference/index.html index 106f0355f..ee8bacc4d 100644 --- a/conference/index.html +++ b/conference/index.html @@ -11,7 +11,7 @@ - + @@ -32,5 +32,5 @@
Security Onion Solutions
Security Onion Conference 2024
CANCELLED Augusta, GA
The 2024 Security Onion conference has been cancelled due to impacts from Hurricane Helene.
Who Should Attend
If you use, or are considering using Security Onion, then you should attend Security Onion Conference! Find out what's new with Security Onion, learn best practices and exchange ideas with other users.
If you're generally interested in things like intrusion detection, network security monitoring, enterprise security monitoring, log management, hunting, and blue teaming, then you should consider attending Security Onion Conference!
Past Conferences
Security Onion Conference 2023
October 6, 2023 Augusta, GA
Presentations
[Keynote] Having an Impact: Focusing on making a difference in defense
Dave Kennedy
Phish Fights and Not So Long Nights with Security Onion and Sublime Platform
Wes Lambert&
Josh Kamdjou
They're digging in the wrong place: Diagnosing and dealing with one-sided traffic
Scott Hall
Enrich Your Data and Your Life
Pete Di Giorgio
Defensive Intel with Security Onion
Josh Brower
Achieving PEAK Performance: Introducing the PEAK Threat Hunting Framework
David Bianco
State of the Onion
Doug Burks
Security Onion Conference 2022
September 30, 2022 Augusta, GA
Presentations
Watching the Watchers: Layering Detection and Deception to Defend Visibility
Wes Lambert
SOAR, SOC, and Scholars - How UofSC Develops its Security Operations Processes, Staff, and Students
Robert Wilson,
Alex Galloway&
Jonathan Martin
Increasing your Situational Awareness with SOC Dashboards
Josh Brower
Tuning ICS Security Alerts: An Alarm Management Approach
Chris Sistrunk
Detecting Suspicious Activity on Linux Endpoints Using Security Onion
Bryant Treacle&
Brandon Larson
State of the Onion
Doug Burks
Security Onion Conference 2021
Oct 1, 2021 Augusta, GA
Presentations
Welcome and Opening Remarks
Doug Burks
SOARing with Security Onion
Wes Lambert
Hunting Malware with Suricata Metadata
Josh Stroschein
Layers of Deception: Intrusion Detection Honeypots with Security Onion
Josh Brower&
Chris Sanders
Developers Panel
Josh Brower,
Doug Burks,
Jason Ertel,
Wes Lambert,
Josh Patterson&
Mike Reeves
Detection Engineering: Defending Networks with Purpose
Peter Di Giorgio
State of the Onion
Doug Burks
Security Onion Conference 2020
Oct 16, 2020 Online
Presentations
Information and Announcements about Security Onion
Mike Reeves&
Doug Burks
Security Onion 2 Demo
Doug Burks
Security Onion Conference 2019
Oct 18, 2019 Augusta, GA
Presentations
Augmenting the Onion: Facilitating Enhanced Detection and Response with Open Source Tools
Wes Lambert
Creativity, Intelligence, and Security Analyst Thinking Modes
Chris Sanders&
Stef Rand
Constructing Your Playbook within Security Onion
Josh Brower
Building a Detection Lab with SecurityOnion
Wylie Bayes
Finding traffic anomalies using SSL certificates
Bryant Treacle
Peeling Back the Layers: Using Security Onion to See Adversary Activity through All Phases of the Kill Chain
Benjamin Klimkowski&
Sean Eyre
State of the Onion
Doug Burks
Security Onion Conference 2018
Oct 22, 2018 Augusta, GA
Presentations
Save Time with Modern Filtering Techniques
Mark Jeanmougin
Blue, Red, Purple, White: Which team are you on?
Don Murdoch
Welcome to Georgia Cyber Center
Todd Gay
Pcaps Ahoy!
Brad Duncan
Integrating Osquery into Security Onion
Josh Brower
Getting the Most out of Freq and Domain_Stats
Mark Baggett
Introduction to Data Analysis
David Bianco
State of the Onion
Doug Burks&
Mike Reeves
Security Onion Conference 2017
Sep 18, 2017 Augusta, GA
Presentations
Arming Small Security Programs: Network Baseline Generation and Alerts with Bropy
Matt Domko
Building your Sec Ops Use Case
Don Murdoch
Snort: History and Vision
Joel Esler
Orchestrating into SO-OODA
Rob Gresham
Pivoting Effectively to Catch More Bad Guys
Chris Sanders
State of the Onion
Doug Burks
Security Onion Conference 2016
Sep 13, 2016 Augusta, GA
Presentations
C2 Phone Home: Leveraging Security Onion to Identify C&C Channels
Eric Conrad
ICS/SCADA Network Security Monitoring in Difficult Scenarios
Robert M. Lee
Uncovering Persistence With Autoruns & Security Onion
Josh Brower
The Investigation Labyrinth
Chris Sanders
ELSA 2.0
Martin Holste
Practical Cyborgism: Machine Learning for Bro Logs
Chris McCubbin
My Use of Security Onion as a researcher
Brad Duncan
Simplifying Home Security with CHIVE
Nathan Crews&
Tanner Payne
State of the Onion
Doug Burks
Security Onion Conference 2015
Sep 11, 2015 Augusta, GA
Presentations
Looking Back Over a Quarter Century of Network Monitoring
Todd Heberlein
Detect it Once
Seth Hall
Security Event Data in the OODA Loop Model
Martin Holste
Industrially Hardened Security Onion Sensor
Chris Sistrunk
Using Sysmon to Enrich Security Onion's Host-Level Capabilities
Josh Brower
Threat Intel Powered IDS
Chris Montgomery
Security Onion Conference 2014
Sep 12, 2014 Augusta, GA
Presentations
Keynote Speech
Richard Bejtlich
Why I Built Snorby and the Future of Security Interfaces
Dustin Webber
SQUERT - An Open Source Web Interface for NSM Data
Paul Halliday
ELSA
Martin Holste
Scaling Security Onion to the Enterprise
Mike Reeves
The Security Onion Cloud Client
Josh Brower
Using Flow Data Effectively
Chris Sanders&
Jason Smith
Learn Analysis and Forensics for Free** with Security Onion
Ben Knowles
Custodiet MSSP Framework
Tim Krabec
Contributing to Security Onion
Scott Runnels
State of the Onion, Q&A, Closing Remarks
Doug Burks
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Security Onion Conference 2024
CANCELLED Augusta, GA
The 2024 Security Onion conference has been cancelled due to impacts from Hurricane Helene.
Who Should Attend
If you use, or are considering using Security Onion, then you should attend Security Onion Conference! Find out what's new with Security Onion, learn best practices and exchange ideas with other users.
If you're generally interested in things like intrusion detection, network security monitoring, enterprise security monitoring, log management, hunting, and blue teaming, then you should consider attending Security Onion Conference!
Past Conferences
Security Onion Conference 2023
October 6, 2023 Augusta, GA
Presentations
[Keynote] Having an Impact: Focusing on making a difference in defense
Dave Kennedy
Phish Fights and Not So Long Nights with Security Onion and Sublime Platform
Wes Lambert&
Josh Kamdjou
They're digging in the wrong place: Diagnosing and dealing with one-sided traffic
Scott Hall
Enrich Your Data and Your Life
Pete Di Giorgio
Defensive Intel with Security Onion
Josh Brower
Achieving PEAK Performance: Introducing the PEAK Threat Hunting Framework
David Bianco
State of the Onion
Doug Burks
Security Onion Conference 2022
September 30, 2022 Augusta, GA
Presentations
Watching the Watchers: Layering Detection and Deception to Defend Visibility
Wes Lambert
SOAR, SOC, and Scholars - How UofSC Develops its Security Operations Processes, Staff, and Students
Robert Wilson,
Alex Galloway&
Jonathan Martin
Increasing your Situational Awareness with SOC Dashboards
Josh Brower
Tuning ICS Security Alerts: An Alarm Management Approach
Chris Sistrunk
Detecting Suspicious Activity on Linux Endpoints Using Security Onion
Bryant Treacle&
Brandon Larson
State of the Onion
Doug Burks
Security Onion Conference 2021
Oct 1, 2021 Augusta, GA
Presentations
Welcome and Opening Remarks
Doug Burks
SOARing with Security Onion
Wes Lambert
Hunting Malware with Suricata Metadata
Josh Stroschein
Layers of Deception: Intrusion Detection Honeypots with Security Onion
Josh Brower&
Chris Sanders
Developers Panel
Josh Brower,
Doug Burks,
Jason Ertel,
Wes Lambert,
Josh Patterson&
Mike Reeves
Detection Engineering: Defending Networks with Purpose
Peter Di Giorgio
State of the Onion
Doug Burks
Security Onion Conference 2020
Oct 16, 2020 Online
Presentations
Information and Announcements about Security Onion
Mike Reeves&
Doug Burks
Security Onion 2 Demo
Doug Burks
Security Onion Conference 2019
Oct 18, 2019 Augusta, GA
Presentations
Augmenting the Onion: Facilitating Enhanced Detection and Response with Open Source Tools
Wes Lambert
Creativity, Intelligence, and Security Analyst Thinking Modes
Chris Sanders&
Stef Rand
Constructing Your Playbook within Security Onion
Josh Brower
Building a Detection Lab with SecurityOnion
Wylie Bayes
Finding traffic anomalies using SSL certificates
Bryant Treacle
Peeling Back the Layers: Using Security Onion to See Adversary Activity through All Phases of the Kill Chain
Benjamin Klimkowski&
Sean Eyre
State of the Onion
Doug Burks
Security Onion Conference 2018
Oct 22, 2018 Augusta, GA
Presentations
Save Time with Modern Filtering Techniques
Mark Jeanmougin
Blue, Red, Purple, White: Which team are you on?
Don Murdoch
Welcome to Georgia Cyber Center
Todd Gay
Pcaps Ahoy!
Brad Duncan
Integrating Osquery into Security Onion
Josh Brower
Getting the Most out of Freq and Domain_Stats
Mark Baggett
Introduction to Data Analysis
David Bianco
State of the Onion
Doug Burks&
Mike Reeves
Security Onion Conference 2017
Sep 18, 2017 Augusta, GA
Presentations
Arming Small Security Programs: Network Baseline Generation and Alerts with Bropy
Matt Domko
Building your Sec Ops Use Case
Don Murdoch
Snort: History and Vision
Joel Esler
Orchestrating into SO-OODA
Rob Gresham
Pivoting Effectively to Catch More Bad Guys
Chris Sanders
State of the Onion
Doug Burks
Security Onion Conference 2016
Sep 13, 2016 Augusta, GA
Presentations
C2 Phone Home: Leveraging Security Onion to Identify C&C Channels
Eric Conrad
ICS/SCADA Network Security Monitoring in Difficult Scenarios
Robert M. Lee
Uncovering Persistence With Autoruns & Security Onion
Josh Brower
The Investigation Labyrinth
Chris Sanders
ELSA 2.0
Martin Holste
Practical Cyborgism: Machine Learning for Bro Logs
Chris McCubbin
My Use of Security Onion as a researcher
Brad Duncan
Simplifying Home Security with CHIVE
Nathan Crews&
Tanner Payne
State of the Onion
Doug Burks
Security Onion Conference 2015
Sep 11, 2015 Augusta, GA
Presentations
Looking Back Over a Quarter Century of Network Monitoring
Todd Heberlein
Detect it Once
Seth Hall
Security Event Data in the OODA Loop Model
Martin Holste
Industrially Hardened Security Onion Sensor
Chris Sistrunk
Using Sysmon to Enrich Security Onion's Host-Level Capabilities
Josh Brower
Threat Intel Powered IDS
Chris Montgomery
Security Onion Conference 2014
Sep 12, 2014 Augusta, GA
Presentations
Keynote Speech
Richard Bejtlich
Why I Built Snorby and the Future of Security Interfaces
Dustin Webber
SQUERT - An Open Source Web Interface for NSM Data
Paul Halliday
ELSA
Martin Holste
Scaling Security Onion to the Enterprise
Mike Reeves
The Security Onion Cloud Client
Josh Brower
Using Flow Data Effectively
Chris Sanders&
Jason Smith
Learn Analysis and Forensics for Free** with Security Onion
Ben Knowles
Custodiet MSSP Framework
Tim Krabec
Contributing to Security Onion
Scott Runnels
State of the Onion, Q&A, Closing Remarks
Doug Burks
+ \ No newline at end of file diff --git a/contact_us/_payload.json b/contact_us/_payload.json index 28112ac50..9f753d0b8 100644 --- a/contact_us/_payload.json +++ b/contact_us/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619208] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963560] \ No newline at end of file diff --git a/contact_us/index.html b/contact_us/index.html index a0473c4b2..7d8e68287 100644 --- a/contact_us/index.html +++ b/contact_us/index.html @@ -4,7 +4,7 @@ - + @@ -19,5 +19,5 @@
Security Onion Solutions
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
+ \ No newline at end of file diff --git a/education/_payload.json b/education/_payload.json index 10b552d9c..f11f057d4 100644 --- a/education/_payload.json +++ b/education/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619184] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963547] \ No newline at end of file diff --git a/education/index.html b/education/index.html index b40ed22d1..cf1a948ed 100644 --- a/education/index.html +++ b/education/index.html @@ -7,7 +7,7 @@ - + @@ -26,5 +26,5 @@
Security Onion Solutions
Security Onion
For Education
Use the leading free and open threat hunting tool in your classroom
Using Security Onion in the Classroom

Join the ranks of universities and institutions for higher education around the world that use Security Onion to educate the next generation of cybersecurity professionals!

The Security Onion free and open license is perfectly suited for classroom use. No need to purchase or apply for special educational licenses for educators or students. The version of Security Onion used in the classroom is the same one used to defend enterprise networks around the world!

FAQ
Q:
What resources are available to help me learn about Security Onion?
Q:
Do you offer academic discounts on training?
A:
Our Essentials course is FREE! For those looking to further their understanding of the Security Onion platform we do offer academic discounts* on our on-demand training. Contact us for more information.
Q:
I'm having trouble with Security Onion. How do I get help?
A:
We have excellent documentation available here, with its own FAQ here. For more information about support options, click here.
Q:
May I use Security Onion's documentation as part of my course?
A:
You are free to reference our documentation while teaching your course, but please check the documentation's license for further details.
Q:
May I use Security Onion Solutions' paid course material as part of my course?
A:
Security Onion Solutions' paid course material is copyrighted and should not be re-used in any way without express written permission.
Q:
How do I get someone to talk to my class about Security Onion?
A:
Contact us for more details.
*
Discounts are available to students and faculty of accredited institutions, subject to limitations.
Have more questions about teaching using Security Onion?
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Security Onion
For Education
Use the leading free and open threat hunting tool in your classroom
Using Security Onion in the Classroom

Join the ranks of universities and institutions for higher education around the world that use Security Onion to educate the next generation of cybersecurity professionals!

The Security Onion free and open license is perfectly suited for classroom use. No need to purchase or apply for special educational licenses for educators or students. The version of Security Onion used in the classroom is the same one used to defend enterprise networks around the world!

FAQ
Q:
What resources are available to help me learn about Security Onion?
Q:
Do you offer academic discounts on training?
A:
Our Essentials course is FREE! For those looking to further their understanding of the Security Onion platform we do offer academic discounts* on our on-demand training. Contact us for more information.
Q:
I'm having trouble with Security Onion. How do I get help?
A:
We have excellent documentation available here, with its own FAQ here. For more information about support options, click here.
Q:
May I use Security Onion's documentation as part of my course?
A:
You are free to reference our documentation while teaching your course, but please check the documentation's license for further details.
Q:
May I use Security Onion Solutions' paid course material as part of my course?
A:
Security Onion Solutions' paid course material is copyrighted and should not be re-used in any way without express written permission.
Q:
How do I get someone to talk to my class about Security Onion?
A:
Contact us for more details.
*
Discounts are available to students and faculty of accredited institutions, subject to limitations.
Have more questions about teaching using Security Onion?
+ \ No newline at end of file diff --git a/hardware/_payload.json b/hardware/_payload.json index 4b82c2fde..1e39f74e0 100644 --- a/hardware/_payload.json +++ b/hardware/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619161] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963530] \ No newline at end of file diff --git a/hardware/index.html b/hardware/index.html index a13b27b9d..45bc58abb 100644 --- a/hardware/index.html +++ b/hardware/index.html @@ -12,7 +12,7 @@ - + @@ -38,5 +38,5 @@
Security Onion Solutions
Next Gen Is Here!
Introducing the newest generation of Security Onion appliances. With upgraded storage, network, processing, and memory these new appliances will make it even easier to make your adversaries cry!
Official Hardware Appliances for Security Onion
We know Security Onion's hardware needs, and our appliances are the perfect match for the platform. Leave the hardware research, testing, and support to us, so you can focus on what's important for your organization.
Integration with Security Onion
Security Onion's SOC interface provides appliance-specific information directly in the user-interface. Use this information to monitor the appliance's health in realtime. Also view the appliance front and rear panels, useful for walking through connectivity discussions with personnel in the data center. Only official Security Onion Solutions appliances are supported with this integration.
Support Security Onion
Not only will you have confidence that your Security Onion deployment is running on the best-suited hardware, you will also be supporting future development and maintenance of the Security Onion project!
Response-Ready Appliances
Our Response-Ready appliance provide rapidly deployable options for:
  • Government, Military, or Commercial Applications
  • Tactical Edge Enterprise Security Monitoring
  • Deployable, Small Form Factor, and ATA-Compliant
Appliance Comparison
 
Model
Forward Node
Throughput †
Standalone
Throughput †
500
500 MbpsN/A
1000
1 Gbps500 Mbps
2000
2 Gbps1 Gbps
5000
5 GbpsN/A
10000
10 Gbps ‡N/A
MN
N/AN/A
SN7200
N/A3 Gbps
SNNV
N/A5 Gbps ‡
GoFast
10 Gbps5 Gbps
* Disk storage sizes are approximate, and represent the largest configuration available for the appliance. When referring to drive capacity, one terabyte, or TB, equals one thousand billion bytes and one gigabyte, or GB, equals one billion bytes. The operating system may use a different standard of measurement and report a lower capacity. Some of the listed capacity is used for formatting and other functions and will not be available for data storage.
† Actual performance depends on network traffic. Stated specifications represent the fastest configuration available for the appliance, however, other configurations are also available for specific use cases. Forward node estimates assume a separate Manager Node is used.
‡ The SOS 10000 Forward Node Throughput rating and SOS SNNV Standalone rating are achieved without full packet capture.
§ Network transceivers sold separately.
Ready to purchase or need more information?
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Next Gen Is Here!
Introducing the newest generation of Security Onion appliances. With upgraded storage, network, processing, and memory these new appliances will make it even easier to make your adversaries cry!
Official Hardware Appliances for Security Onion
We know Security Onion's hardware needs, and our appliances are the perfect match for the platform. Leave the hardware research, testing, and support to us, so you can focus on what's important for your organization.
Integration with Security Onion
Security Onion's SOC interface provides appliance-specific information directly in the user-interface. Use this information to monitor the appliance's health in realtime. Also view the appliance front and rear panels, useful for walking through connectivity discussions with personnel in the data center. Only official Security Onion Solutions appliances are supported with this integration.
Support Security Onion
Not only will you have confidence that your Security Onion deployment is running on the best-suited hardware, you will also be supporting future development and maintenance of the Security Onion project!
Response-Ready Appliances
Our Response-Ready appliance provide rapidly deployable options for:
  • Government, Military, or Commercial Applications
  • Tactical Edge Enterprise Security Monitoring
  • Deployable, Small Form Factor, and ATA-Compliant
Appliance Comparison
 
Model
Forward Node
Throughput †
Standalone
Throughput †
500
500 MbpsN/A
1000
1 Gbps500 Mbps
2000
2 Gbps1 Gbps
5000
5 GbpsN/A
10000
10 Gbps ‡N/A
MN
N/AN/A
SN7200
N/A3 Gbps
SNNV
N/A5 Gbps ‡
GoFast
10 Gbps5 Gbps
* Disk storage sizes are approximate, and represent the largest configuration available for the appliance. When referring to drive capacity, one terabyte, or TB, equals one thousand billion bytes and one gigabyte, or GB, equals one billion bytes. The operating system may use a different standard of measurement and report a lower capacity. Some of the listed capacity is used for formatting and other functions and will not be available for data storage.
† Actual performance depends on network traffic. Stated specifications represent the fastest configuration available for the appliance, however, other configurations are also available for specific use cases. Forward node estimates assume a separate Manager Node is used.
‡ The SOS 10000 Forward Node Throughput rating and SOS SNNV Standalone rating are achieved without full packet capture.
§ Network transceivers sold separately.
Ready to purchase or need more information?
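Review bot: In hardware/index.html the added line still reads "Our Response-Ready appliance provide rapidly deployable options for:", where subject and verb disagree; it should be "appliances provide". The Integration paragraph on the same line writes "realtime" and "user-interface", which would read better as "real time" and "user interface". From "We know Security Onion's hardware needs" onward the rendered text is the same on the removed and added sides, so these wording fixes belong in the page source and can go in before the next publish.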
+ \ No newline at end of file diff --git a/index.html b/index.html index 929592335..7ce56adc8 100644 --- a/index.html +++ b/index.html @@ -14,7 +14,7 @@ - + @@ -42,5 +42,5 @@
Security Onion Solutions
Introducing
Security Onion Pro
Our newest licensed feature set includes additional features designed to help organizations maintain policy compliance and improve cybersecurity team efficiency.
Products
Our products include both the Security Onion software and specialized hardware appliances that are built and tested to run Security Onion. Our appliances will save you and your team time and resources, allowing you to focus on keeping your organization secure.
Services
We offer both training and support for Security Onion. Our instructors are the only Security Onion Certified Instructors in the world and our course material is the only authorized training material for Security Onion. We've been teaching Security Onion classes and providing Professional Services since 2014.
Interested in discussing how our products and services can help your organization?
Our Partners
About Us
Security Onion Solutions, LLC is the creator and maintainer of Security Onion, a free and open platform for threat hunting, network security monitoring, and log management. Security Onion includes best-of-breed free and open tools including Suricata, Zeek, the Elastic Stack and many others.
We created and maintain Security Onion, so we know it better than anybody else. When you purchase products and services from us, you're helping to fund development of Security Onion!
Our History
Our humble beginnings
2008
2009
First release
2012
Big Distro Rebuild (BDR)
2014
Security Onion Solutions, LLC
2016
Company expansion
2018
Custom hardware
2019
Team continues to grow!
2020
Security Onion 2
2021
Over 2 million downloads!
2022
Significant software features introduced
2023
Security Onion 2.4 released
2024
Security Onion Pro
In 2008, Doug Burks started working on Security Onion, a Linux distribution for intrusion detection, network security monitoring, and log management.
Our Team
Doug Burks
Founder and CEO
Phil Plantamura
Chief Operating Officer
Mike Byrd
Chief Financial Officer
Mike Reeves
Vice President of Product
Josh Brower
Principal Engineer
Karen Henegar Long
Sales and Training Support
Josh Patterson
Principal Engineer
Bryant Treacle
Senior Engineer
John Bernal
Senior Engineer
Jason Ertel
Vice President of Software Engineering
Chris Morgret
Manager of Support and Professional Services
Pete Di Giorgio
Vice President of Federal
Matt Gracie
Senior Engineer
Nate Olsen
Account Manager
Ethan Burrow
Associate Support Engineer
Robbie Marshall
Senior Engineer
Tom Gilson
Senior Engineer
Jorge Reyes
Senior Engineer
Corey Ogburn
Senior Software Engineer
Reggie Harris
Associate Support Engineer
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Introducing
Security Onion Pro
Our newest licensed feature set includes additional features designed to help organizations maintain policy compliance and improve cybersecurity team efficiency.
Products
Our products include both the Security Onion software and specialized hardware appliances that are built and tested to run Security Onion. Our appliances will save you and your team time and resources, allowing you to focus on keeping your organization secure.
Services
We offer both training and support for Security Onion. Our instructors are the only Security Onion Certified Instructors in the world and our course material is the only authorized training material for Security Onion. We've been teaching Security Onion classes and providing Professional Services since 2014.
Interested in discussing how our products and services can help your organization?
Our Partners
About Us
Security Onion Solutions, LLC is the creator and maintainer of Security Onion, a free and open platform for threat hunting, network security monitoring, and log management. Security Onion includes best-of-breed free and open tools including Suricata, Zeek, the Elastic Stack and many others.
We created and maintain Security Onion, so we know it better than anybody else. When you purchase products and services from us, you're helping to fund development of Security Onion!
Our History
Our humble beginnings
2008
2009
First release
2012
Big Distro Rebuild (BDR)
2014
Security Onion Solutions, LLC
2016
Company expansion
2018
Custom hardware
2019
Team continues to grow!
2020
Security Onion 2
2021
Over 2 million downloads!
2022
Significant software features introduced
2023
Security Onion 2.4 released
2024
Security Onion Pro
In 2008, Doug Burks started working on Security Onion, a Linux distribution for intrusion detection, network security monitoring, and log management.
Our Team
Doug Burks
Founder and CEO
Phil Plantamura
Chief Operating Officer
Mike Byrd
Chief Financial Officer
Mike Reeves
Vice President of Product
Josh Brower
Principal Engineer
Karen Henegar Long
Sales and Training Support
Josh Patterson
Principal Engineer
Bryant Treacle
Senior Engineer
John Bernal
Senior Engineer
Jason Ertel
Vice President of Software Engineering
Chris Morgret
Manager of Support and Professional Services
Pete Di Giorgio
Vice President of Federal
Matt Gracie
Senior Engineer
Nate Olsen
Account Manager
Ethan Burrow
Associate Support Engineer
Robbie Marshall
Senior Engineer
Tom Gilson
Senior Engineer
Jorge Reyes
Senior Engineer
Corey Ogburn
Senior Software Engineer
Reggie Harris
Associate Support Engineer
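Review bot: The index.html hunk swaps one very long line for another whose rendered text is the same from "Introducing" through the team list, so the diff does not show what actually changed. The _payload.json hunks in this commit change only the prerenderedAt value, which suggests the publish job regenerates every page on each run. Consider skipping the commit when page content is unchanged, or emitting the HTML across multiple lines so that a real content change is visible in review.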
+ \ No newline at end of file diff --git a/license/_payload.json b/license/_payload.json index 305a47941..fef2b6886 100644 --- a/license/_payload.json +++ b/license/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619189] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963550] \ No newline at end of file diff --git a/license/index.html b/license/index.html index 304006a24..8a65b3084 100644 --- a/license/index.html +++ b/license/index.html @@ -9,7 +9,7 @@ - + @@ -25,5 +25,5 @@
Security Onion Solutions
License
Security Onion 2.4 is licensed under the terms of the Elastic License 2.0 (ELv2)
Elastic License 2.0 (ELv2)
Acceptance
By using the software, you agree to all of the terms and conditions below.
Copyright License
The licensor grants you a non-exclusive, royalty-free, worldwide, non-sublicensable, non-transferable license to use, copy, distribute, make available, and prepare derivative works of the software, in each case subject to the limitations and conditions below.
Limitations
You may not provide the software to third parties as a hosted or managed service, where the service provides users with access to any substantial set of the features or functionality of the software.

You may not move, change, disable, or circumvent the license key functionality in the software, and you may not remove or obscure any functionality in the software that is protected by the license key.

You may not alter, remove, or obscure any licensing, copyright, or other notices of the licensor in the software. Any use of the licensor’s trademarks is subject to applicable law.
Patents
The licensor grants you a license, under any patent claims the licensor can license, or becomes able to license, to make, have made, use, sell, offer for sale, import and have imported the software, in each case subject to the limitations and conditions in this license. This license does not cover any patent claims that you cause to be infringed by modifications or additions to the software. If you or your company make any written claim that the software infringes or contributes to infringement of any patent, your patent license for the software granted under these terms ends immediately. If your company makes such a claim, your patent license ends immediately for work on behalf of your company.
Notices
You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of these terms.

If you modify the software, you must include in any modified copies of the software prominent notices stating that you have modified the software.
No Other Rights
These terms do not imply any licenses other than those expressly granted in these terms.
Termination
If you use the software in violation of these terms, such use is not licensed, and your licenses will automatically terminate. If the licensor provides you with a notice of your violation, and you cease all violation of this license no later than 30 days after you receive that notice, your licenses will be reinstated retroactively. However, if you violate these terms after such reinstatement, any additional violation of these terms will cause your licenses to terminate automatically and permanently.
No Liability
As far as the law allows, the software comes as is, without any warranty or condition, and the licensor will not be liable to you for any damages arising out of these terms or the use or nature of the software, under any kind of legal claim.
Definitions
The licensor is the entity offering these terms, and the software is the software the licensor makes available under these terms, including any portion of it.

you refers to the individual or entity agreeing to these terms.

your company is any legal entity, sole proprietorship, or other kind of organization that you work for, plus all organizations that have control over, are under the control of, or are under common control with that organization. control means ownership of substantially all the assets of an entity, or the power to direct its management and policies by vote, contract, or otherwise. Control can be direct or indirect.

your licenses are all the licenses granted to you for the software under these terms.

use means anything you do with the software requiring one of your licenses.

trademark means trademarks, service marks, and similar rights.
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
License
Security Onion 2.4 is licensed under the terms of the Elastic License 2.0 (ELv2)
Elastic License 2.0 (ELv2)
Acceptance
By using the software, you agree to all of the terms and conditions below.
Copyright License
The licensor grants you a non-exclusive, royalty-free, worldwide, non-sublicensable, non-transferable license to use, copy, distribute, make available, and prepare derivative works of the software, in each case subject to the limitations and conditions below.
Limitations
You may not provide the software to third parties as a hosted or managed service, where the service provides users with access to any substantial set of the features or functionality of the software.

You may not move, change, disable, or circumvent the license key functionality in the software, and you may not remove or obscure any functionality in the software that is protected by the license key.

You may not alter, remove, or obscure any licensing, copyright, or other notices of the licensor in the software. Any use of the licensor’s trademarks is subject to applicable law.
Patents
The licensor grants you a license, under any patent claims the licensor can license, or becomes able to license, to make, have made, use, sell, offer for sale, import and have imported the software, in each case subject to the limitations and conditions in this license. This license does not cover any patent claims that you cause to be infringed by modifications or additions to the software. If you or your company make any written claim that the software infringes or contributes to infringement of any patent, your patent license for the software granted under these terms ends immediately. If your company makes such a claim, your patent license ends immediately for work on behalf of your company.
Notices
You must ensure that anyone who gets a copy of any part of the software from you also gets a copy of these terms.

If you modify the software, you must include in any modified copies of the software prominent notices stating that you have modified the software.
No Other Rights
These terms do not imply any licenses other than those expressly granted in these terms.
Termination
If you use the software in violation of these terms, such use is not licensed, and your licenses will automatically terminate. If the licensor provides you with a notice of your violation, and you cease all violation of this license no later than 30 days after you receive that notice, your licenses will be reinstated retroactively. However, if you violate these terms after such reinstatement, any additional violation of these terms will cause your licenses to terminate automatically and permanently.
No Liability
As far as the law allows, the software comes as is, without any warranty or condition, and the licensor will not be liable to you for any damages arising out of these terms or the use or nature of the software, under any kind of legal claim.
Definitions
The licensor is the entity offering these terms, and the software is the software the licensor makes available under these terms, including any portion of it.

you refers to the individual or entity agreeing to these terms.

your company is any legal entity, sole proprietorship, or other kind of organization that you work for, plus all organizations that have control over, are under the control of, or are under common control with that organization. control means ownership of substantially all the assets of an entity, or the power to direct its management and policies by vote, contract, or otherwise. Control can be direct or indirect.

your licenses are all the licenses granted to you for the software under these terms.

use means anything you do with the software requiring one of your licenses.

trademark means trademarks, service marks, and similar rights.
+ \ No newline at end of file diff --git a/privacy/_payload.json b/privacy/_payload.json index e21f8912f..a35f4abc8 100644 --- a/privacy/_payload.json +++ b/privacy/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619194] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963553] \ No newline at end of file diff --git a/privacy/index.html b/privacy/index.html index 568fdeb16..3ff27d171 100644 --- a/privacy/index.html +++ b/privacy/index.html @@ -9,7 +9,7 @@ - + @@ -25,5 +25,5 @@
Security Onion Solutions
Privacy Policy
Updated on 05/02/2024
Introduction

Security Onion Solutions, LLC ("Company" or "We") respect your privacy and are committed to protecting it through our compliance with this policy.

This policy describes the types of information we may collect from you or that you may provide when you visit the website securityonionsolutions.com (our "Website") or use our products and services (“Products”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

  • On this Website;
  • In email, text, and other electronic messages between you and this Website; or
  • When you use our Products.

It does not apply to information collected by:

  • Us offline or through any other means, including on any other website operated by Company or any third party; or
  • Any third party, including through any application or content (including advertising) that may link to or be accessible from or through the Website.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website or our Products. This policy may change from time to time. Please check the policy periodically for updates.

Children Under the Age of 18

Our Website is not intended for children under 18 years of age. No one under age 18 may provide any personal information to or on the Website. We do not knowingly collect personal information from children under 18. If you are under 18, do not provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at legal@securityonionsolutions.com.

Collected Information

When using our Website or our Products, some information may be automatically collected. Information that is automatically collected includes the internet address from which you are connecting, the type and version of the operating system and web browser you are using, and information about your visit to the Website, including length of visit and pages you visit. Such information does not automatically identify you personally, although if combined with other personally identifiable information it may be used to identify you personally.

When using our Website or our Products, we may also collect personally identifiable information that you provide to us, including your name and email address.

When registering for our Products via a third party, such as an online marketplace, the third-party provider may choose to share personally identifiable information with us. Examples of this information include your name, email address, or any other information you provide to such third party.

Both the automatically collected information and information that you provide to us are together referred to as 'collected information' in the remainder of this privacy policy.

Usage

We use the automatically collected information to improve our products and websites and to help us provide a better user experience. This information, when combined with the information of our other users, in the aggregate, will allow us to analyze product and service usage patterns.

We may use the information you provide us to contact you. This could occur for many reasons, such as when we respond to your Product or Website inquiry. This could also occur when we need to notify you about Product changes, system outages, or security-related events that we believe may be of interest to you.

We may share your information with our service providers who support our business, solely for the purpose of supporting our business.

Disclosure

We may disclose the collected information in response to legal processes, for example, when directed by a court order or subpoena. This information may also be disclosed to law enforcement officials when requested, or when we feel doing so would assist in the prevention of illegal activities, physical harm to people or animals, or violations to our product licenses or terms of use.

We may transfer this collected information if one or more of our business units is acquired by, sold to, or merged with another company.

We will not transfer or disclose your personally identifiable information to other companies for their marketing or other business ventures, or use automatically collected information to identify you personally, except as when noted otherwise in this Privacy Policy.

We take appropriate measures at preventing unwanted disclosure of this collected information.

Cookies

Our Website and Products use "cookies" to store collected information onto your computer. This collected information may contain both non-personally identifiable information and personally identifiable information. For example, this information could include your email address, preferences, and other information that we use to provide an improved user experience.

You can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is set. This site provides instructions for adjusting cookie preferences for common browsers:

How to control cookies

Note that rejecting cookies in our products may prevent proper use of those products.

If your browser is not listed on the site above, check your browser's "Help" menu to learn how to change your cookie preferences.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. Information you provide to us is stored at Amazon Web Services (“AWS”) or in Google Analytics. You may read about the AWS security measures at https://aws.amazon.com/privacy/. You may read about Google Analytics’ security measures at https://policies.google.com/privacy?hl=en.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

Third-Party Sites

Our Website and Products may contain links to third-party services; however, they are not ours and the content provided by those links do not originate from our servers. When you transition to third-party websites, this privacy policy no longer applies.

Contact Us

If you have any questions about this policy, the practices of this Website or our Products, or your dealings with this Website or our Products, please contact us at legal@securityonionsolutions.com.

- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Privacy Policy
Updated on 05/02/2024
Introduction

Security Onion Solutions, LLC ("Company" or "We") respect your privacy and are committed to protecting it through our compliance with this policy.

This policy describes the types of information we may collect from you or that you may provide when you visit the website securityonionsolutions.com (our "Website") or use our products and services (“Products”) and our practices for collecting, using, maintaining, protecting, and disclosing that information.

This policy applies to information we collect:

  • On this Website;
  • In email, text, and other electronic messages between you and this Website; or
  • When you use our Products.

It does not apply to information collected by:

  • Us offline or through any other means, including on any other website operated by Company or any third party; or
  • Any third party, including through any application or content (including advertising) that may link to or be accessible from or through the Website.

Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use our Website or our Products. This policy may change from time to time. Please check the policy periodically for updates.

Children Under the Age of 18

Our Website is not intended for children under 18 years of age. No one under age 18 may provide any personal information to or on the Website. We do not knowingly collect personal information from children under 18. If you are under 18, do not provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at legal@securityonionsolutions.com.

Collected Information

When using our Website or our Products, some information may be automatically collected. Information that is automatically collected includes the internet address from which you are connecting, the type and version of the operating system and web browser you are using, and information about your visit to the Website, including length of visit and pages you visit. Such information does not automatically identify you personally, although if combined with other personally identifiable information it may be used to identify you personally.

When using our Website or our Products, we may also collect personally identifiable information that you provide to us, including your name and email address.

When registering for our Products via a third party, such as an online marketplace, the third-party provider may choose to share personally identifiable information with us. Examples of this information include your name, email address, or any other information you provide to such third party.

Both the automatically collected information and information that you provide to us are together referred to as 'collected information' in the remainder of this privacy policy.

Usage

We use the automatically collected information to improve our products and websites and to help us provide a better user experience. This information, when combined with the information of our other users, in the aggregate, will allow us to analyze product and service usage patterns.

We may use the information you provide us to contact you. This could occur for many reasons, such as when we respond to your Product or Website inquiry. This could also occur when we need to notify you about Product changes, system outages, or security-related events that we believe may be of interest to you.

We may share your information with our service providers who support our business, solely for the purpose of supporting our business.

Disclosure

We may disclose the collected information in response to legal processes, for example, when directed by a court order or subpoena. This information may also be disclosed to law enforcement officials when requested, or when we feel doing so would assist in the prevention of illegal activities, physical harm to people or animals, or violations to our product licenses or terms of use.

We may transfer this collected information if one or more of our business units is acquired by, sold to, or merged with another company.

We will not transfer or disclose your personally identifiable information to other companies for their marketing or other business ventures, or use automatically collected information to identify you personally, except as when noted otherwise in this Privacy Policy.

We take appropriate measures at preventing unwanted disclosure of this collected information.

Cookies

Our Website and Products use "cookies" to store collected information onto your computer. This collected information may contain both non-personally identifiable information and personally identifiable information. For example, this information could include your email address, preferences, and other information that we use to provide an improved user experience.

You can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is set. This site provides instructions for adjusting cookie preferences for common browsers:

How to control cookies

Note that rejecting cookies in our products may prevent proper use of those products.

If your browser is not listed on the site above, check your browser's "Help" menu to learn how to change your cookie preferences.

Data Security

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. Information you provide to us is stored at Amazon Web Services (“AWS”) or in Google Analytics. You may read about the AWS security measures at https://aws.amazon.com/privacy/. You may read about Google Analytics’ security measures at https://policies.google.com/privacy?hl=en.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website.

Third-Party Sites

Our Website and Products may contain links to third-party services; however, they are not ours and the content provided by those links do not originate from our servers. When you transition to third-party websites, this privacy policy no longer applies.

Contact Us

If you have any questions about this policy, the practices of this Website or our Products, or your dealings with this Website or our Products, please contact us at legal@securityonionsolutions.com.
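Review bot: In privacy/index.html the Data Security paragraph on the added line sends readers to https://aws.amazon.com/privacy/ and https://policies.google.com/privacy?hl=en to read about each provider's "security measures", but both URLs are privacy notices; link the providers' security documentation instead, or reword the sentence to say privacy practices. The same line also carries "the content provided by those links do not originate" (should be "does not originate") and "appropriate measures at preventing" (should be "appropriate measures to prevent").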

+ \ No newline at end of file diff --git a/pro/_payload.json b/pro/_payload.json index c90a2e134..06d2fa111 100644 --- a/pro/_payload.json +++ b/pro/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619154] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963522] \ No newline at end of file diff --git a/pro/index.html b/pro/index.html index 8cc993411..8fc2d5d4a 100644 --- a/pro/index.html +++ b/pro/index.html @@ -12,7 +12,7 @@ - + @@ -39,5 +39,5 @@
Security Onion Solutions
Security Onion Pro
Powerful features and personalized support offered for enterprise customers!
Enterprise Features
Security Onion Pro includes enterprise-grade features commonly used by medium to large enterprises and government organizations. Below are a few of these powerful features described in more detail.
Notifications
By default, no outbound notifications are enabled in a Security Onion installation. However, with the Pro license applied to a grid, outbound notifications, such as emails, Slack messages, and much more, can be quickly configured via the Configuration screen.
Open ID Connect (OIDC)
Security Onion Console (SOC) supports single sign-on (SSO) authentication via OpenID Connect (OIDC) to one of several OIDC-compatible identity providers. For example, users can log in to Security Onion using an Active Directory user, a GitHub user, a Google account, an Auth0 account, etc.
DoD-Compliant Protections
The Pro license offers DoD Security Technical Implementation Guide (STIG) compliance for CAT 1 issues of the OS. Federal Information Processing Standards (FIPS) and storage-level AES 256 encryption (LUKS) are included.
And Much More!
There are a number of other useful features included with Security Onion Pro. Refer to the comparison chart below to see all the amazing features the Pro license has to offer!
Pro Support and Services
In addition to its many powerful features, the Pro license also includes a number of support and service perks for enterprise customers!
Higher Priority Service Level Agreements (SLAs)
Security Onion Pro includes a one-business-day initial response SLA. A four-business-hour initial response SLA is also available.
Support Hours
For customers running Security Onion on their hardware or smaller SOS appliances, purchasing Security Onion Pro includes twenty hours of professional services and support time. Services include architecture planning, deployment, tuning, break/fix support, parsing, and more. Additional hours packages are available.
Offline Update Service Shipments
For airgap deployments, Security Onion Pro includes shipments of up to two free offline updates per year, when requested.
Health Checks
Security Onion Pro includes two free one-hour health checks per year. Our Security Onion experts will assist in reviewing the health and state of your grid.
Pro Hardware and Coverage
Included with Larger Hardware Appliances
Security Onion Pro is included with many of our larger hardware appliance models, such as the SOS SN7200, SOS SNNV, and SOS GoFast, at no additional charge. See our full appliance list on the Hardware page.
Broad Grid Coverage
The standard Pro license includes licensing for up to ten Security Onion nodes, with additional node packs available for purchase. Additionally, we offer a standalone Pro license for single node grids.
Community vs Pro Comparison
Community
Pro
Flexible Installation Options
Internet-connected and airgap
Alerting
Triggers host and network (NIDS) alerts and provides user interface with drilldown, acknowledgement, and escalation
Threat Hunting
Focused Hunt interface
Dashboards with Visualizations
Includes prebuilt and supports custom dashboards
Case Management
Escalate events and track observables
Analyzers
Gather context of observables
Detections
Import and manage Sigma, Suricata, and YARA rules
Audit Trail
Automatically capture case and detection change history
User Management
Includes Role-Based Access Control (RBAC)
Web-Based UI Configuration
Easily modify and customize grid configuration
Grid Management
Manage grid node membership within the SOC UI
Grid Monitoring
Monitor grid status and health
Grid Remote Control
Reboot nodes, import events, and more
Cyberchef Integration
Perform simple and complex data manipulation tasks quickly in a web browser
Packet Metadata
Parse and classify network traffic at OSI layers 3, 4, and 7 using Zeek or Suricata
Packet Capture (PCAP) Storage and Retrieval
View and download raw packet data using Stenographer or Suricata
Endpoint Monitoring
Monitor organization's entire digital footprint for software changes and much more
Fleet Integration
Monitor status of endpoints
Fully Scalable Deployments
Add new sensor and search nodes as your enterprise grows
Intrusion Detection Honeypots (IDH)
Build IDH nodes which mimic services and connect these nodes to your Security Onion grid
Mitre ATT&CK Navigator
Use the Navigator to visualize defensive coverage
Limited Live Response
Use osquery to collect data on the fly or on a schedule from your endpoints and servers
Open ID Connect (OIDC)
SSO authentication via popular OIDC providers
Data at Rest Encryption
Storage-level AES 256 encryption (LUKS)
Federal Information Processing Standards (FIPS)
Standardized security policy compliance for your enterprise
STIG Compliance for the OS
Strict organizational policy compliance for CAT 1 issues of the OS
External Notifications
Quickly configure outbound notifications when alerts are generated
Time Tracking
Track time spent resolving cases
Guaranteed Message Delivery
Ensure all events and logs are recorded using Kafka
Enhanced SLA Options
Additional Service Level Agreements (SLAs) available
Professional Support
Professional services and email/phone/screenshare support hours included
Airgap Update Assistance
Physical media provided up to twice per year
Health Checks
Includes two health checks of your Security Onion grid per year
F.A.Q.
If I purchase Security Onion Pro, do I have to rebuild my existing deployment?

In most cases, you can simply add the Security Onion Pro license key to your existing deployment to enable the enterprise features. An exception would be things like disk encryption that must be enabled during installation.

If I am a free user and won't be purchasing Security Onion Pro, will there be any changes?

No, you can continue using the existing Security Onion features that you use today.

The base license includes licensing for up to ten Security Onion nodes. Do firewalls, endpoints, and other external data sources count as nodes?

No. The license is based on the number of nodes running Security Onion which are joined to the Security Onion Pro grid. Examples include Manager Node, Receiver Nodes, Search Nodes, Forward Nodes, Heavy Nodes, IDH Nodes, Fleet Nodes, etc. Pricing is not tied to the number of data sources.

I am an existing paid customer of Security Onion Solutions. Do I need to purchase Pro to access its capabilities?

You may qualify for Security Onion Pro at little or no additional cost. Contact your account manager for details.

How long are licenses valid?

You can purchase Security Onion Pro for 1-5 year terms.

Does Security Onion Pro automatically renew?

No. Security Onion Solutions will contact you in advance of your renewal date to start the renewal process.

Is Security Onion Pro supported in my hybrid grid?

Yes! You can run Security Onion in hybrid grids of cloud images, customer hardware, and Security Onion appliances. Contact us for additional details.

What if my grid exceeds the number of nodes in my license?

You can acquire additional node packs and receive a new license key to use without impacting the data in your current grid.

What happens when the license expires?

The Security Onion Console (SOC) will remind users starting 45 days before license expiration. If the license expires, Security Onion will revert to community Security Onion until the license key is updated. If you intend to let your license expire, you should notify the Security Onion Solutions Support Team in advance.

Does the license include higher tier licensing for Elastic or other products within Security Onion?

At this time, no other paid licenses are included with Security Onion Pro.

Can I buy the license through a reseller?

Yes. Contact us for more details.

Is an evaluation license available?

Your organization may be eligible for an evaluation license. Contact us for more details.
Ready to purchase or need more information?
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Security Onion Pro
Powerful features and personalized support offered for enterprise customers!
Enterprise Features
Security Onion Pro includes enterprise-grade features commonly used by medium to large enterprises and government organizations. Below are a few of these powerful features described in more detail.
Notifications
By default, no outbound notifications are enabled in a Security Onion installation. However, with the Pro license applied to a grid, outbound notifications, such as emails, Slack messages, and much more, can be quickly configured via the Configuration screen.
Open ID Connect (OIDC)
Security Onion Console (SOC) supports single sign-on (SSO) authentication via OpenID Connect (OIDC) to one of several OIDC-compatible identity providers. For example, users can log in to Security Onion using an Active Directory user, a GitHub user, a Google account, an Auth0 account, etc.
DoD-Compliant Protections
The Pro license offers DoD Security Technical Implementation Guide (STIG) compliance for CAT 1 issues of the OS. Federal Information Processing Standards (FIPS) and storage-level AES 256 encryption (LUKS) are included.
And Much More!
There are a number of other useful features included with Security Onion Pro. Refer to the comparison chart below to see all the amazing features the Pro license has to offer!
Pro Support and Services
In addition to its many powerful features, the Pro license also includes a number of support and service perks for enterprise customers!
Higher Priority Service Level Agreements (SLAs)
Security Onion Pro includes a one-business-day initial response SLA. A four-business-hour initial response SLA is also available.
Support Hours
For customers running Security Onion on their hardware or smaller SOS appliances, purchasing Security Onion Pro includes twenty hours of professional services and support time. Services include architecture planning, deployment, tuning, break/fix support, parsing, and more. Additional hours packages are available.
Offline Update Service Shipments
For airgap deployments, Security Onion Pro includes shipments of up to two free offline updates per year, when requested.
Health Checks
Security Onion Pro includes two free one-hour health checks per year. Our Security Onion experts will assist in reviewing the health and state of your grid.
Pro Hardware and Coverage
Included with Larger Hardware Appliances
Security Onion Pro is included with many of our larger hardware appliance models, such as the SOS SN7200, SOS SNNV, and SOS GoFast, at no additional charge. See our full appliance list on the Hardware page.
Broad Grid Coverage
The standard Pro license includes licensing for up to ten Security Onion nodes, with additional node packs available for purchase. Additionally, we offer a standalone Pro license for single node grids.
Community vs Pro Comparison
Community
Pro
Flexible Installation Options
Internet-connected and airgap
Alerting
Triggers host and network (NIDS) alerts and provides user interface with drilldown, acknowledgement, and escalation
Threat Hunting
Focused Hunt interface
Dashboards with Visualizations
Includes prebuilt and supports custom dashboards
Case Management
Escalate events and track observables
Analyzers
Gather context of observables
Detections
Import and manage Sigma, Suricata, and YARA rules
Audit Trail
Automatically capture case and detection change history
User Management
Includes Role-Based Access Control (RBAC)
Web-Based UI Configuration
Easily modify and customize grid configuration
Grid Management
Manage grid node membership within the SOC UI
Grid Monitoring
Monitor grid status and health
Grid Remote Control
Reboot nodes, import events, and more
Cyberchef Integration
Perform simple and complex data manipulation tasks quickly in a web browser
Packet Metadata
Parse and classify network traffic at OSI layers 3, 4, and 7 using Zeek or Suricata
Packet Capture (PCAP) Storage and Retrieval
View and download raw packet data using Stenographer or Suricata
Endpoint Monitoring
Monitor organization's entire digital footprint for software changes and much more
Fleet Integration
Monitor status of endpoints
Fully Scalable Deployments
Add new sensor and search nodes as your enterprise grows
Intrusion Detection Honeypots (IDH)
Build IDH nodes which mimic services and connect these nodes to your Security Onion grid
Mitre ATT&CK Navigator
Use the Navigator to visualize defensive coverage
Limited Live Response
Use osquery to collect data on the fly or on a schedule from your endpoints and servers
Open ID Connect (OIDC)
SSO authentication via popular OIDC providers
Data at Rest Encryption
Storage-level AES 256 encryption (LUKS)
Federal Information Processing Standards (FIPS)
Standardized security policy compliance for your enterprise
STIG Compliance for the OS
Strict organizational policy compliance for CAT 1 issues of the OS
External Notifications
Quickly configure outbound notifications when alerts are generated
Time Tracking
Track time spent resolving cases
Guaranteed Message Delivery
Ensure all events and logs are recorded using Kafka
Enhanced SLA Options
Additional Service Level Agreements (SLAs) available
Professional Support
Professional services and email/phone/screenshare support hours included
Airgap Update Assistance
Physical media provided up to twice per year
Health Checks
Includes two health checks of your Security Onion grid per year
F.A.Q.
If I purchase Security Onion Pro, do I have to rebuild my existing deployment?

In most cases, you can simply add the Security Onion Pro license key to your existing deployment to enable the enterprise features. An exception would be things like disk encryption that must be enabled during installation.

If I am a free user and won't be purchasing Security Onion Pro, will there be any changes?

No, you can continue using the existing Security Onion features that you use today.

The base license includes licensing for up to ten Security Onion nodes. Do firewalls, endpoints, and other external data sources count as nodes?

No. The license is based on the number of nodes running Security Onion which are joined to the Security Onion Pro grid. Examples include Manager Node, Receiver Nodes, Search Nodes, Forward Nodes, Heavy Nodes, IDH Nodes, Fleet Nodes, etc. Pricing is not tied to the number of data sources.

I am an existing paid customer of Security Onion Solutions. Do I need to purchase Pro to access its capabilities?

You may qualify for Security Onion Pro at little or no additional cost. Contact your account manager for details.

How long are licenses valid?

You can purchase Security Onion Pro for 1-5 year terms.

Does Security Onion Pro automatically renew?

No. Security Onion Solutions will contact you in advance of your renewal date to start the renewal process.

Is Security Onion Pro supported in my hybrid grid?

Yes! You can run Security Onion in hybrid grids of cloud images, customer hardware, and Security Onion appliances. Contact us for additional details.

What if my grid exceeds the number of nodes in my license?

You can acquire additional node packs and receive a new license key to use without impacting the data in your current grid.

What happens when the license expires?

The Security Onion Console (SOC) will remind users starting 45 days before license expiration. If the license expires, Security Onion will revert to community Security Onion until the license key is updated. If you intend to let your license expire, you should notify the Security Onion Solutions Support Team in advance.

Does the license include higher tier licensing for Elastic or other products within Security Onion?

At this time, no other paid licenses are included with Security Onion Pro.

Can I buy the license through a reseller?

Yes. Contact us for more details.

Is an evaluation license available?

Your organization may be eligible for an evaluation license. Contact us for more details.
Ready to purchase or need more information?
+ \ No newline at end of file diff --git a/software/_payload.json b/software/_payload.json index 1e2f64ba4..2ed291670 100644 --- a/software/_payload.json +++ b/software/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619158] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963527] \ No newline at end of file diff --git a/software/index.html b/software/index.html index e8eabf04d..52862e3eb 100644 --- a/software/index.html +++ b/software/index.html @@ -14,7 +14,7 @@ - + @@ -40,5 +40,5 @@
Security Onion Solutions
Overview
Security Onion is a free and open platform built by defenders for defenders. It includes network visibility, host visibility, intrusion detection honeypots, log management, and case management.
For network visibility, we offer signature based detection via Suricata, rich protocol metadata and file extraction using your choice of either Zeek or Suricata, full packet capture via Stenographer, and file analysis via Strelka. For host visibility, we offer the Elastic Agent which provides data collection, live queries via osquery, and centralized management using Elastic Fleet. Intrusion detection honeypots based on OpenCanary can be added to your deployment for even more enterprise visibility. All of these logs flow into the Elastic stack and we've built our own user interfaces for alerting, hunting, dashboards, case management, and grid management.
Security Onion has been downloaded over 2 million times and is being used by security teams around the world to monitor and defend their enterprises. Our easy-to-use Setup wizard allows you to build a distributed grid for your enterprise in minutes!
Highly Scalable
From a single network appliance, to a grid of a thousand nodes, Security Onion scales to fit your specific needs.
Open Community
Security Onion and the tools we integrate are all open to the public, written by members of the cyber security community. Source code is available in GitHub for review by those interested in understanding how the system works, behind the scenes.
Use Cases
Network Visibility
Collect network events from Zeek, Suricata, and other tools for complete coverage of your network. Cast a wide net to catch the bad guys quickly and easily.
Host Visibility
Security Onion supports Elastic Agent for event collection on your organization's endpoints. Simply install the agent package available in the SOC Downloads page!
Static Analysis (PCAP and EVTX Import)
Use Security Onion to import full packet capture files and Windows Event log files for quick static analysis and case studies. Spin up a virtual machine quickly and get started in just a few minutes!
Security Onion Desktop
A Linux desktop install option is also available for SOC analysts to use local Linux tools to perform analysis of network and host events. No need to install extra tools; we bundle all the apps you might need.
Included Features
Use our Alerts interface to review and manage alerts generated by Security Onion.
Data Types
Agent
Information gathered from agent software
Elastic Agent
Alert
Judgment made by a product about an event
Suricata
Asset
Metadata about hosts on the network
Zeek
Extracted Content
Rebuilt elements of a session and extracted metadata
Zeek
Full Content
All packets on the network
Stenographer
Session
Detail about conversations between hosts
Zeek, Suricata
Transaction
Generated logs based on network traffic protocols
Zeek, Suricata
Let Security Onion Solutions take care of the hardware and setup, so you can focus on threat hunting.
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Overview
Security Onion is a free and open platform built by defenders for defenders. It includes network visibility, host visibility, intrusion detection honeypots, log management, and case management.
For network visibility, we offer signature based detection via Suricata, rich protocol metadata and file extraction using your choice of either Zeek or Suricata, full packet capture via Stenographer, and file analysis via Strelka. For host visibility, we offer the Elastic Agent which provides data collection, live queries via osquery, and centralized management using Elastic Fleet. Intrusion detection honeypots based on OpenCanary can be added to your deployment for even more enterprise visibility. All of these logs flow into the Elastic stack and we've built our own user interfaces for alerting, hunting, dashboards, case management, and grid management.
Security Onion has been downloaded over 2 million times and is being used by security teams around the world to monitor and defend their enterprises. Our easy-to-use Setup wizard allows you to build a distributed grid for your enterprise in minutes!
Highly Scalable
From a single network appliance, to a grid of a thousand nodes, Security Onion scales to fit your specific needs.
Open Community
Security Onion and the tools we integrate are all open to the public, written by members of the cyber security community. Source code is available in GitHub for review by those interested in understanding how the system works, behind the scenes.
Use Cases
Network Visibility
Collect network events from Zeek, Suricata, and other tools for complete coverage of your network. Cast a wide net to catch the bad guys quickly and easily.
Host Visibility
Security Onion supports Elastic Agent for event collection on your organization's endpoints. Simply install the agent package available in the SOC Downloads page!
Static Analysis (PCAP and EVTX Import)
Use Security Onion to import full packet capture files and Windows Event log files for quick static analysis and case studies. Spin up a virtual machine quickly and get started in just a few minutes!
Security Onion Desktop
A Linux desktop install option is also available for SOC analysts to use local Linux tools to perform analysis of network and host events. No need to install extra tools; we bundle all the apps you might need.
Included Features
Use our Alerts interface to review and manage alerts generated by Security Onion.
Data Types
Agent
Information gathered from agent software
Elastic Agent
Alert
Judgment made by a product about an event
Suricata
Asset
Metadata about hosts on the network
Zeek
Extracted Content
Rebuilt elements of a session and extracted metadata
Zeek
Full Content
All packets on the network
Stenographer
Session
Detail about conversations between hosts
Zeek, Suricata
Transaction
Generated logs based on network traffic protocols
Zeek, Suricata
Let Security Onion Solutions take care of the hardware and setup, so you can focus on threat hunting.
+ \ No newline at end of file diff --git a/support/_payload.json b/support/_payload.json index f64b18d36..20102657f 100644 --- a/support/_payload.json +++ b/support/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619177] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963542] \ No newline at end of file diff --git a/support/index.html b/support/index.html index 833769468..e6d8d95a5 100644 --- a/support/index.html +++ b/support/index.html @@ -10,7 +10,7 @@ - + @@ -32,5 +32,5 @@
Security Onion Solutions
Premium Support
Security Onion Solutions is the only official support provider. We've been helping catch the bad guys since 2014!
Support and Professional Services
Enterprise Deployments
From architecture and hardware planning to step-by-step remote deployment, our team will be there to help you with your Security Onion infrastructure at any scale.
Tuning
We'll use best practices to tune Security Onion components for optimal performance including metadata, signatures, packet capture retention, packet loss, and backend applications.
Troubleshooting
Have a problem? Let us bring our years of collective experience to the issue.
Other
Need something else with Security Onion? We might be able to help. Contact us for more information.
Benefits of Purchasing Support
Community
Premium
Basic Q&A
Private support
Priority response
Architecture planning
Remote assistance
Advanced configuration support
Support development of Security Onion
Community Support
The Security Onion user base is large, and often times others have run into similar problems or have asked questions that might help you with your own Security Onion installation or troubleshooting.
Browse the Security Onion official discussion forums to find support on common issues. Ask for help from other community members, or return the favor by offering your own solutions to other users' discussions.
Not ready for premium support? Take a look at the Security Onion community support content and discussions.
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Premium Support
Security Onion Solutions is the only official support provider. We've been helping catch the bad guys since 2014!
Support and Professional Services
Enterprise Deployments
From architecture and hardware planning to step-by-step remote deployment, our team will be there to help you with your Security Onion infrastructure at any scale.
Tuning
We'll use best practices to tune Security Onion components for optimal performance including metadata, signatures, packet capture retention, packet loss, and backend applications.
Troubleshooting
Have a problem? Let us bring our years of collective experience to the issue.
Other
Need something else with Security Onion? We might be able to help. Contact us for more information.
Benefits of Purchasing Support
Community
Premium
Basic Q&A
Private support
Priority response
Architecture planning
Remote assistance
Advanced configuration support
Support development of Security Onion
Community Support
The Security Onion user base is large, and often times others have run into similar problems or have asked questions that might help you with your own Security Onion installation or troubleshooting.
Browse the Security Onion official discussion forums to find support on common issues. Ask for help from other community members, or return the favor by offering your own solutions to other users' discussions.
Not ready for premium support? Take a look at the Security Onion community support content and discussions.
+ \ No newline at end of file diff --git a/terms/_payload.json b/terms/_payload.json index 2489d7693..c3f91d9ba 100644 --- a/terms/_payload.json +++ b/terms/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619765] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332964075] \ No newline at end of file diff --git a/terms/index.html b/terms/index.html index 9da3eae6c..fff877b4b 100644 --- a/terms/index.html +++ b/terms/index.html @@ -4,7 +4,7 @@ - + @@ -18,5 +18,5 @@
Security Onion Solutions
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
+ \ No newline at end of file diff --git a/thank_you/_payload.json b/thank_you/_payload.json index 73725d314..69b4ded3b 100644 --- a/thank_you/_payload.json +++ b/thank_you/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619767] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332964077] \ No newline at end of file diff --git a/thank_you/index.html b/thank_you/index.html index 3633ca6e5..fd92762e4 100644 --- a/thank_you/index.html +++ b/thank_you/index.html @@ -5,7 +5,7 @@ - + @@ -20,5 +20,5 @@
Security Onion Solutions
- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Thank you for your message!
We'll get back to you shortly.
+ \ No newline at end of file diff --git a/training/_payload.json b/training/_payload.json index c368e9310..9dd86fa9c 100644 --- a/training/_payload.json +++ b/training/_payload.json @@ -1 +1 @@ -[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730246619163] \ No newline at end of file +[{"data":1,"prerenderedAt":3},["ShallowReactive",2],{},1730332963533] \ No newline at end of file diff --git a/training/index.html b/training/index.html index eed8810d7..f18e3e553 100644 --- a/training/index.html +++ b/training/index.html @@ -12,7 +12,7 @@ - + @@ -37,5 +37,5 @@
Security Onion Solutions
Official Training
Security Onion Solutions is the only official training provider of the Security Onion software.
Choose from On-Demand (Free and Premium) or Instructor-Led training.
Instructor-Led Training
In-person classes are multi-day comprehensive training courses which include many hands-on labs. Each course is designed with real-world examples and case studies that reinforce Security Onion work role tasks. Each instructor-led course provides in-depth content with a hands-on approach to learning. You will learn methods and techniques to sift through your data to find anomalies, malicious traffic, and then action on the results. Students receive printed course materials and a Certificate of Completion to show they are ready to make their adversaries cry!
Premium On-Demand
We also offer online training via On-Demand training modules. They are a cost-effective alternative to instructor-led training, but do not include the hands-on labs that our instructor-led classes offer. The On-Demand courses demonstrate techniques that you will be able to implement immediately. The On-Demand content allows you to learn at your own pace and repeat sections as often as you would like. Students have six months access to each course to take at their own pace.
F.A.Q.
Q: Who teaches the On-Demand and Instructor-Led courses?
A: Courses are taught by Security Onion Certified Instructors.

Q: Do I need a computer to attend training in person?
A: Security Onion Solutions provides student computers for in-person classes and a cloud lab environment for virtual classes.

Q: What materials will I need for the course?
A: All students in instructor-led courses receive official course material on the first day of class.

Q: How long do I have access to the On-Demand courses?
A: You will have full access for 6 months after purchase.

Course List
 
Course Title
Security Onion Essentials
Security Onion in Production
Practical Analysis
Detection Engineering
Three-Course Bundle
Fundamentals for Analysts & Admins
Fundamentals for Analysts & Threat Hunters
Detection Engineering and Analysis In-Depth
* The Security Onion Essentials course is a prerequisite for all courses.
† Course access is limited to 6 months, based on registration date.
‡ Security Onion Solutions provides one class computer for an in-person course or online lab environment for a virtual course.
We are proud to offer GSA pricing through our partner IntelliGenesis! Eligible organizations, please contact us for more information.
Free On-Demand

Get started by taking the free Security Onion 2 Essentials training.

This course is a prerequisite to the premium on-demand courses.

- \ No newline at end of file + S29.104,22,28,22z" data-v-23be24b1>
Official Training
Security Onion Solutions is the only official training provider of the Security Onion software.
Choose from On-Demand (Free and Premium) or Instructor-Led training.
Instructor-Led Training
In-person classes are multi-day comprehensive training courses which include many hands-on labs. Each course is designed with real-world examples and case studies that reinforce Security Onion work role tasks. Each instructor-led course provides in-depth content with a hands-on approach to learning. You will learn methods and techniques to sift through your data to find anomalies, malicious traffic, and then action on the results. Students receive printed course materials and a Certificate of Completion to show they are ready to make their adversaries cry!
Premium On-Demand
We also offer online training via On-Demand training modules. They are a cost-effective alternative to instructor-led training, but do not include the hands-on labs that our instructor-led classes offer. The On-Demand courses demonstrate techniques that you will be able to implement immediately. The On-Demand content allows you to learn at your own pace and repeat sections as often as you would like. Students have six months access to each course to take at their own pace.
F.A.Q.
Q: Who teaches the On-Demand and Instructor-Led courses?
A: Courses are taught by Security Onion Certified Instructors.

Q: Do I need a computer to attend training in person?
A: Security Onion Solutions provides student computers for in-person classes and a cloud lab environment for virtual classes.

Q: What materials will I need for the course?
A: All students in instructor-led courses receive official course material on the first day of class.

Q: How long do I have access to the On-Demand courses?
A: You will have full access for 6 months after purchase.

Course List
 
Course Title
Security Onion Essentials
Security Onion in Production
Practical Analysis
Detection Engineering
Three-Course Bundle
Fundamentals for Analysts & Admins
Fundamentals for Analysts & Threat Hunters
Detection Engineering and Analysis In-Depth
* The Security Onion Essentials course is a prerequisite for all courses.
† Course access is limited to 6 months, based on registration date.
‡ Security Onion Solutions provides one class computer for an in-person course or online lab environment for a virtual course.
We are proud to offer GSA pricing through our partner IntelliGenesis! Eligible organizations, please contact us for more information.
Free On-Demand

Get started by taking the free Security Onion 2 Essentials training.

This course is a prerequisite to the premium on-demand courses.

+ \ No newline at end of file
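Review bot: the `_payload.json` hunks for pro, software, support, terms, thank_you and training change nothing except `prerenderedAt` (for example 1730246619154 to 1730332963522 in pro/_payload.json), and the text shown on the removed and added sides of pro/index.html, software/index.html, support/index.html and training/index.html is identical. A publish commit that rewrites every page for a new build timestamp makes it hard to spot a real or unexpected content change in review. Consider keeping the build timestamp out of the published files, or having the pipeline skip the commit when only the timestamp and build reference differ.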
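Review bot: several copy inconsistencies are carried unchanged onto the added side and should be fixed in the site source rather than in this generated output. In pro/index.html the heading reads "Open ID Connect (OIDC)" while the paragraph under it uses "OpenID Connect (OIDC)", and the comparison chart has "Cyberchef Integration" and "Mitre ATT&CK Navigator" where the tools are named CyberChef and MITRE ATT&CK. In the privacy text, "the content provided by those links do not originate from our servers" should read "does not originate".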