Security Onion is a free and open source Linux distribution for intrusion detection, enterprise security monitoring, and log management. It includes Elasticsearch, Logstash, Kibana, Snort, Suricata, Bro, Wazuh, Sguil, Squert, NetworkMiner, and many other security tools. The easy-to-use Setup wizard allows you to build an army of distributed sensors for your enterprise in minutes!
Want to download and verify the Security Onion ISO image?
Please proceed to the Verify_ISO page.
Looking for documentation?
Please proceed to the Help page.
Please send questions to the Security Onion mailing list.
Want to see what lies ahead for Security Onion?
Please proceed to the Projects page.
Looking for source code?
This repo stores no source code. You can get the source for any of our packages by doing the following at a terminal (replacing PACKAGE-NAME with the name of the package that you want the source for):
apt-get source PACKAGE-NAME
Some of our packages have their own Github repos at Security-Onion-Solutions.
Security Onion Solutions
Looking for training, professional services, or hardware appliances? Check out https://securityonionsolutions.com.