Intrusion Detection/Prevention Systems (IDS/IPS)
Bro (Now Zeek):
A network analysis framework that goes beyond a traditional IDS, focusing on network traffic monitoring and anomaly detection.
OSSEC:
A host-based intrusion detection system (HIDS) supporting various platforms such as Linux, Windows, and macOS. It is open source and emphasizes log analysis, file integrity checking, and policy monitoring.
Snort:
An open-source network-based IDS/IPS developed by Sourcefire and known for its signature-based detection. It is widely used due to its comprehensive rule sets and real-time traffic analysis.
Suricata:
An open-source, next-gen IDS/IPS engine with multi-threading capabilities, developed and maintained by the Open Information Security Foundation (OISF).