Employs Stenographer or Suricata PCAP to act as a "DVR for your network," recording every packet for retrospective analysis.
Built on the Elastic Stack (Elasticsearch, Logstash, Kibana) to store and visualize massive amounts of security data. Quick Start Guide
IntroductionWalkthrough · Security-Onion-Solutions ... - GitHub Security Onion Live Cd
Features the Security Onion Console (SOC) , which provides built-in dashboards, threat-hunting interfaces, and case management.
The Live environment serves as the primary installer for moving Security Onion to a hard drive or virtual machine for production use. Key Integrated Tools Employs Stenographer or Suricata PCAP to act as
It includes a suite of offensive and defensive tools, such as nmap , metasploit , and scapy , to test existing IDS configurations or new deployments.
Uses Suricata for signature-based detection and Zeek for rich protocol metadata. - GitHub Features the Security Onion Console (SOC)
The (or ISO) is a bootable distribution designed for network security monitoring (NSM) , intrusion detection, and log management. While modern versions (2.4+) focus on permanent installations for scalability, the Live environment remains a critical entry point for quick network evaluations and forensic testing. Core Purpose and Use Cases