Suricata is an open-source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine.

Suricata features

Suricata offers comprehensive capabilities for network security monitoring (NSM), including logging HTTP requests, capturing and storing TLS certificates, and extracting files from network flows for disk storage. Its support for full packet capture (pcap) simplifies in-depth traffic analysis.

TLS/SSL logging and analysis: With Suricata’s powerful TLS parser, you can inspect most aspects of SSL/TLS exchanges …
The post Suricata: Open-source network analysis and threat detection appeared first on Help Net Security.