Open Source Security Software Founded By PacketSled
CommunityBro is an open source project based on Bro IDS (Incident Detection System), sponsored by PacketSled and delivered to the security community as part of Security Onion.
CommunityBro is an open source sensor framework with a rich set of protocol analyzers and metadata output, enabling visualization of all of your network traffic in real-time. It's a simple install process for sensors, with no proprietary hardware purchase required.
With CommunityBro, PacketSled has made adjustments to the original Bro IDS to make it more proficient, adding features such as additional protocol analyzers, performance enhancements, the Lua scripting language and other core functionality.
For a free download of Security Onion with CommunityBro functionality, please visit Security Onion.
“Cyber criminals are very talented, have significant resources behind them and include a wide range of personalities from school age kids to nation state actors. Adding tools like PacketSled to our quiver allows our security team to effectively detect, investigate and respond to anomalies and threats to our network.”
Darren Bennett, CISO for the City of San Diego
Upgrading to PacketSled
What does PacketSled do?
PacketSled fills the gaps in your security program. Our software platform enables full Network Visibility, Threat Hunting and Incident Response.
On which networks does PacketSled monitor these elements?
Both external traffic (North-South Traffic) and internal traffic (East-West Traffic). This includes multiple data centers and sites/clouds, etc.
What does PacketSled do with this data?
Uses Threat Intelligence, Attack Detection and Behavioral Analysis to give you 100% visibility and prioritized actions for your team to mitigate risk.
How we integrate into a security operations center
PacketSled can offload data into SIEMs, orchestration engines and ticketing systems. We integrate with market-leading SIEM partners and service providers that you already partner with in your Operations Center.
What is Network Visibility?
Full Network Visibility is being able to see all traffic (in real time) traversing a network – including your internal environment and the public cloud. A powerful Network Visibility tool uncovers blind spots in your network.
It will allow you full visibility – including being able to go back and see exactly what was happening on your network at a precise moment in time.