Security Onion
@securityonion.bsky.social
By defenders. For defenders.
Peel back the layers of your network and make your adversaries cry.
https://www.securityonion.com
Security Onion 2.4.190 now available including Onion AI Assistant!
Introducing the all-new Onion AI, an advanced LLM-based security analyst assistant, built directly into the Security Onion console.
Designed BY defenders FOR defenders!
October 27, 2025 at 2:49 PM
Security Onion 2.4.180 now available including new features, updated components, and quality of life improvements!
blog.securityonion.net/2025/09/secu...
September 17, 2025 at 9:02 PM
🚨 Security Onion 2.4.170 now available including JA4, more SOC dashboards, and updated components! 🚨
🔍Let's find more hackers! 🔍
If you like Security Onion, please like and share to help spread the word!
blog.securityonion.net/2025/08/secu...
August 12, 2025 at 2:55 PM
Security Onion 2.4.160 now available including Playbooks, Guided Analysis, MCP Server, and more!
Have you ever had an alert and were unsure of what to do next? In this release, when you expand an alert you'll see a new tab called Guided Analysis.
June 25, 2025 at 6:34 PM
We've got a new AI-powered Playbooks feature coming in Security Onion 2.4.160 that will turbocharge your analysis and incident response!
www.youtube.com/watch?v=SLGR...
Sneak Peek: Security Onion Playbooks
YouTube video by Security Onion
www.youtube.com
June 18, 2025 at 1:28 PM
Check out our latest video, covering the Notifications feature in Security Onion Pro. Send your alerts directly to another platform, like email, Slack, or Jira!
www.youtube.com/watch?v=quy8...
Security Onion Pro Notifications
YouTube video by Security Onion
www.youtube.com
June 12, 2025 at 5:12 PM
🧅♥️Security Onion 2.4.150: Celebrating Mother's Day with MoM (Manager of Managers) 🧅♥️
Yesterday was Mother's Day and we are very thankful for our mothers!
May 12, 2025 at 5:13 PM
Reposted by Security Onion
Thanks to Simply Cyber for having me on the podcast to talk about @securityonion.bsky.social !
Peeling Back the Network Layers with Doug Burks | S3 E2
www.youtube.com/watch?v=FNB6...
Peeling Back the Network Layers with Doug Burks | S3 E2
YouTube video by Simply Cyber - Gerald Auger, PhD
www.youtube.com
April 25, 2025 at 2:56 PM
Upcoming change to Elasticsearch index management in Security Onion -- read this, especially if you're running a distributed, multinode deployment.
blog.securityonion.net/2025/04/upco...
Upcoming Change to Elasticsearch Index Management for Multi-Node Deployments
Elasticsearch indices are managed by both the so-elasticsearch-indices-delete utility and Index Lifecycle Management (ILM). so-elasticsearch...
blog.securityonion.net
April 23, 2025 at 12:27 PM
Index Lifecycle Management in Security Onion
YouTube video by Security Onion
www.youtube.com
April 17, 2025 at 2:08 PM
Security Onion 2.4.140 now available including Suricata 7.0.9, Zeek 7.0.6, and much more!
For more details, please see the thread 🧵and the link below!
March 25, 2025 at 1:58 PM
We've just announced a Detection Engineering and Analysis course, coming up this July in Columbia, MD. Register now for an early bird discount!
blog.securityonion.net/2025/03/earl...
Early Bird Discount for upcoming Security Onion Detection Engineering and Analysis training class
Security Onion Detection Engineering and Analysis In-Depth Tuesday, July 22, 2025 through Friday, July 25, 2025 in Columbia MD Use the follo...
blog.securityonion.net
March 20, 2025 at 1:42 PM
Security Onion 2.4.130 now available including Elastic 8.17.3 and much more!
Please see thread 🧵below for more details!
March 11, 2025 at 5:47 PM
Quick Malware Analysis: SMARTAPESG / NETSUPPORT RAT / STEALC pcap from 2025-02-18
blog.securityonion.net/2025/02/quic...
Quick Malware Analysis: SMARTAPESG / NETSUPPORT RAT / STEALC pcap from 2025-02-18
Thanks to Brad Duncan for sharing this pcap from 2025-02-18 on his malware traffic analysis site! Due to issues with Google flagging a warni...
blog.securityonion.net
February 28, 2025 at 2:45 PM
🚨Security Onion 2.4.120 now available including lots of new features and updates! 🚨
For more details, please see 🧵below.
If you like Security Onion🧅, please like and share to help spread the word! Thanks!
February 12, 2025 at 6:37 PM
We've got a brand new Introduction to Security Onion 2.4 video available on our YouTube channel!
Don't forget to like the video, subscribe to the channel, and leave a nice comment with some words of encouragement for the Security Onion team!
www.youtube.com/watch?v=NKCj...
Introduction to Security Onion 2.4
YouTube video by Security Onion
www.youtube.com
February 6, 2025 at 3:29 PM
Security Onion 2.4.120 is coming soon!
We just added a sneak peek video to our YouTube channel that covers some of the highlights!
Don't forget to like and subscribe to our YouTube channel!
Security Onion 2.4.120 Feature Preview
YouTube video by Security Onion
www.youtube.com
January 23, 2025 at 3:14 PM
Our upcoming Security Onion 2.4.120 release includes a new local IP lookup feature!
This allows you to define local descriptions for important IP addresses in your environment.
Security Onion 2.4.120 is coming soon!
January 23, 2025 at 1:39 PM
Our upcoming Security Onion 2.4.120 release includes CyberChef 10.19.4!
Security Onion 2.4.120 is coming soon!
January 21, 2025 at 9:07 PM
Our upcoming Security Onion 2.4.120 release includes a new MSI option for deploying the Elastic Agent to your Windows endpoints!
Security Onion 2.4.120 is coming soon!
January 16, 2025 at 6:36 PM
Our upcoming Security Onion 2.4.120 release includes improvements for our ATT&CK Navigator integration! Navigator will now have 4 tabs across the top:
Detections Coverage - All Detections
Detections Coverage - Sigma
Detections Coverage - Suricata
Alerts (Last 3 Days)
January 16, 2025 at 6:34 PM
Our upcoming Security Onion 2.4.120 release includes a new feature for Security Onion Pro customers! If you have a valid Pro license, you will be able to connect to the Security Onion API from external clients. This means that you can create cases, pull PCAPs, or acknowledge alerts using automation!
January 9, 2025 at 3:40 PM
Coming soon: Our upcoming Security Onion 2.4.120 release includes Zeek 7!
It also adds support for analyzing more network protocols like QUIC, HTTP2, OpenVPN, and IPSEC!
January 8, 2025 at 5:51 PM