Suricata is open-source network analysis and threat detection software. Its features include an intrusion detection system (IDS) and an intrusion prevention system (IPS), as well as network transaction logging and file extraction. It was developed by the Open Information Security Foundation (OISF). The first standard release was in July 2010.

Features

IDS and IPS

Suricata provides threat detection capabilities. In IDS mode, it passively analyses traffic and generates an alert when a signature matches.

In IPS mode, it sits inline and acts like a firewall: it filters and monitors traffic, and allows network administrators to write and enforce detection rules.

Suricata is able to detect common attack vectors such as port scanning, denial-of-service, pass-the-hash, and brute-force attacks.
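As an added illustration (not taken from the original article or from the Suricata project's rule sets), the two rules below show how the same brute-force check is written for IDS mode and for IPS mode in Suricata's signature language; the sid values, message text, the five-in-sixty-seconds threshold and the choice of SSH (port 22) are assumptions for the example.

```suricata
# Constructed example rules, not shipped with Suricata.
# $HOME_NET and $EXTERNAL_NET are address variables defined in suricata.yaml.

# IDS mode: the "alert" action only records the match. The rule fires once a
# single source has sent five or more TCP SYNs to port 22 within 60 seconds,
# a simple indicator of a password-guessing attempt.
alert tcp $EXTERNAL_NET any -> $HOME_NET 22 (msg:"EXAMPLE SSH connection burst from one source"; flags:S,12; threshold: type both, track by_src, count 5, seconds 60; classtype:attempted-admin; sid:1000001; rev:1;)

# IPS mode: the "drop" action discards the matching packet in addition to
# logging it. When Suricata runs in IDS mode, drop rules are treated as alerts.
drop tcp $EXTERNAL_NET any -> $HOME_NET 22 (msg:"EXAMPLE SSH connection burst blocked"; flags:S,12; threshold: type both, track by_src, count 5, seconds 60; classtype:attempted-admin; sid:1000002; rev:1;)
```

The drop is only enforced when Suricata is deployed inline (for example via NFQUEUE or AF_PACKET in IPS mode), which is what the text above calls IPS mode.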