Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire. Combining the benefits of signature, protocol, and anomaly-based inspection, Snort is the most widely deployed IDS/IPS technology worldwide.
- Snort is the most popular Linux alternative to Arkime.
- Snort is the most popular Open Source & free alternative to Arkime.
Suricata is a high-performance Network IDS, IPS and Network Security Monitoring engine. It is Open Source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF and its supporting vendors.
- Suricata is the most popular Windows & Mac alternative to Arkime.
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where a trail can be anything from domain...
- Maltrail is the most popular Self-Hosted alternative to Arkime.
redborder is an Open Source, Big Data cybersecurity and traffic analysis platform accompanied by a set of active probes managed in an integrated manner. It can be deployed on-premise or used as a cloud service. It manages Snort events.
Loki looks to be somewhat like Detekt, a free download aimed at detecting evidence of state hacking, but aimed more at the corporate crowd than at activists.
LOKI Free IOC Scanner Features