informa
Quick Hits

Nonprofit Group Launches Open-Source IDS/IPS

Suricata 1.0 will go head-to-head with popular Snort tool
The Open Information Security Foundation (OISF) today unveiled Suricata 1.0, an open-source IDS/IPS engine that will compete with the popular Snort tool.

Available immediately for download under the Open Source General Public License version 2, Suricata has been in development for two years and includes contributions from more than 25 developers.

The nonprofit OISF initiated the project with funding from the U.S. Department of Homeland Security, as well as a consortium of private organizations, including Endace, Everis, and NitroSecurity.

"In today's changing threat landscape, current defenses are being outflanked by attackers, and a new, high-performance IDS engine is needed to address many of today’s highly sophisticated attacks," said Matt Jonkman, president of the OISF, in a statement. "The mission of Suricata and of the OISF is to create an engine that will allow IDS solutions to detect and prevent these newer, more sophisticated types of attacks."

Suricata is built on an open-source engine, which means the open-source community will help it to capture characteristics of emerging threats, the OISF says. It uses a multithreaded architecture and supports IP reputation and signatures, which allows it to flag traffic from known nefarious origins. It also offers automated protocol detection, according to the OISF.

"With Suricata, the open-source community is giving us an alternative to a technology [SNORT] that is getting old and has not kept up with the changing threatscape," said Richard Stiennon, chief research analyst at IT-Harvest.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Recommended Reading: