Anyone can start to build their own SIEM solution for free with SecurityOnion. While it is possible to run individual tooling and connect them together manually, SecurityOnion gives you an integrated tooling environment to quickly cover your bases and start hunting for possible threats. Due to the full package of features this product is interesting to run in (home)lab environments to learn about the different aspects of SOC analysis.
With the wide range of included tooling, you have a Swiss army knife for most of the related tasks. This makes it easier to have insight into your environment.
Since the new version of SecurityOnion, new features are introduced like the ability to run a honeypot. With a honeypot, you get the ability to simulate services to analyse connections going to it and the operations attempted on the open service ports. This gives you unique information about the targeted attacks launched towards your environment.
Curios is constantly evaluating new technologies to improve security postures and security monitoring of customer environments. With this review, we want to share our experiences and enable other companies to improve their security monitoring capabilities.
If you are interested in knowing more about security monitoring, please contact Bart Van Dongen or Sacha Saris.