Built on the Elastic Stack (Elasticsearch, Logstash, Kibana) to store and visualize massive amounts of security data. Quick Start Guide
Security Onion functions as a "Swiss Army knife" for defenders by bundling several best-of-breed open-source tools: Security Onion Live Cd
It includes a suite of offensive and defensive tools, such as nmap , metasploit , and scapy , to test existing IDS configurations or new deployments. Built on the Elastic Stack (Elasticsearch, Logstash, Kibana)
The (or ISO) is a bootable distribution designed for network security monitoring (NSM) , intrusion detection, and log management. While modern versions (2.4+) focus on permanent installations for scalability, the Live environment remains a critical entry point for quick network evaluations and forensic testing. Core Purpose and Use Cases While modern versions (2
You can boot the system and immediately start sniffing traffic on local interfaces (like eth0 ) using tools like Snort or Suricata .