Scirius alternatives
Looking for an alternative tool to replace Scirius? During the review of Scirius we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.
Alternatives (by score)
Snort
Introduction
Besides intrusion detection, Snort has the capabilities to prevent attacks. By taking a particular action based on traffic patterns, it can become an intrusion prevention system (IPS).
Project details
Snort is written in C.
Strengths and weaknesses
- + Supported by a large company
- + Well-known tool
Typical usage
- Security monitoring
Suricata
Introduction
Suricata is a somewhat younger NIDS, though has a rapid development cycle. It can work with Snort rulesets, yet also has optimized rulesets for usage with Suricata itself. For example, this set is known as Emerging Threats and fully optimized.
Project details
Suricata is written in C, Lua.
Strengths and weaknesses
- + More than 50 contributors
- + The source code of this software is available
Typical usage
- Information gathering
- Intrusion detection
- Network analysis
- Threat discovery
Zeek (Bro)
Introduction
Zeek helps to perform security monitoring by looking into the network's activity. It can find suspicious data streams. Based on the data, it alert, react, and integrate with other tools.
Project details
Zeek is written in C++.
Strengths and weaknesses
- + More than 50 contributors
- + More than 2000 GitHub stars
- + The source code of this software is available
- + Well-known tool
Typical usage
- Security monitoring
Sweet Security
Introduction
This tool helps with automating the installation of several components like Bro IDS, Elasticsearch, Logstash, Kibana (ELK stack), and Critical Stack. Saving time on installation and configuration is its primary purpose.
Project details
Sweet Security is written in Python.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Network security monitoring
- Security monitoring
DejaVu
Introduction
DejaVu is an open source deception framework which can be used to deploy and administer decoys or canaries across a network infrastructure. Defenders can use deception as a technique to learn quickly about possible attackers on the network and take actions.
Project details
Strengths and weaknesses
- + The source code of this software is available
- - No releases on GitHub available
Typical usage
- Security monitoring
- Threat discovery
Maltrail
Introduction
Maltrail monitors for traffic on the network that might indicate system compromise or other bad behavior. It is great for intrusion detection and monitoring.Project details
Maltrail is written in Python.
Strengths and weaknesses
- + More than 10 contributors
- + More than 3000 GitHub stars
- + The source code of this software is available
Typical usage
- Intrusion detection
- Network analysis
- Security monitoring
Chiron
Introduction
Chiron is a security assessment framework for IPv6. It provides several modules including an IPv6 scanner, IPv6 Local Link, IPv4-to-IPv6 proxy, IPv6 attack module, and IPv6 proxy. These modules help to perform an assessment, like a penetration test.
The tool uses IPv6 extension headers to create a headers chain. This may allow evading security devices like IDS, IPS, and firewalls. Due to the flexibility of the framework, the tool can also be used to perform fuzzing of the IPv6 stack of a device.
Project details
Chiron is written in Python.
Strengths and weaknesses
- + The source code of this software is available
- - No releases on GitHub available
Typical usage
- Network analysis
- Network scanning
- Network security monitoring
OSSEC
Introduction
OSSEC uses a centralized, cross-platform architecture allowing multiple systems to be monitored and managed.
Highlights:
The OSSEC project was acquired by Third Brigade, Inc in June 2008. This included the copyrights owned by Daniel Cid, its project leader. They promised to continue the development, keep it open source, and extend commercial support and training to the community.
Trend Micro acquired Third Brigade in May 2009. This included the OSSEC project. Trend Micro promised to keep the software open source and free.
Project details
Strengths and weaknesses
- + Commercial support available
- + Well-known tool
- - Commercial support available
Samhain
Introduction
Samhain is a host-based intrusion detection system (HIDS). It provides file integrity checking and log file monitoring/analysis. Additional features are rootkit detection, port monitoring, detection of rogue SUID executables, and the detection of hidden processes.
Samhain is typically deployed as a standalone application, although it supports centralized logging. This makes it ideal for environments with multiple systems.
Samhain is open source software and written by Rainer Wichmann.
Project details
Strengths and weaknesses
- + The source code of this software is available
Some relevant tool missing as an alternative to Scirius? Please contact us with your suggestion.