An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any detected activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources, and uses alarm filtering techniques to distinguish malicious activity from false alarms.
Tool count: 2
| Name | Version | Description | Category | Website |
|---|---|---|---|---|
| sagan | 2.0.2 | A snort-like log analysis engine. | ids defensive | |
| suricata-verify | 1172.84f285fe | Suricata Verification Tests - Testing Suricata Output. | misc ids |