SELKS is an open-source network security monitoring platform that offers network intrusion and detection capabilities. 

The name comes from the original components it was built around: Suratica, Elasticsearch, Logstash, Kibana, and Scirius. It has since expanded to include EveBox, Arkime, and CyberChef as well. 

It can be installed on any Linux or Windows operating system using docker compose, and also offers ISOs for air gapped environments, bare metal, and VMs. The tool includes over 28 default dashboards, 400 visualizations, and 24 predefined searches. 

It was created in 2013 by Stamus Networks out of a desire to provide a security monitoring solution that could be used by any company, no matter their size or budget.

“Adversaries target organizations indiscriminately, regardless of size, yet not all security teams possess the enterprise-level budgets and resources necessary to defend effectively,” said Peter Manev, co-founder and chief strategy officer at Stamus Networks. “We take pride in offering a vital solution for organizations that may not have the financial means to afford commercial alternatives.”

The most recent release, SELKS 10, is from June 13 and includes new features like a more unified user interface, the ability to capture packets associated with alerts, and support for new capabilities of Arkime 5.0, such as bulk search, better session detail display, unified configurations, unified authentication, multi-viewer support, and more. 

Looking forward, the next focus areas for the project include further expanding the open source community and making the project more cloud-native so that it can be used by more people. 

“In the past decade, SELKS has evolved significantly,” said Éric Leblond, co-founder and chief technology officer of Stamus Networks. “What started as a basic network security tool to showcase Suricata has transformed into an enterprise-grade IDS/IPS, NSM, and threat hunting system, built on open-source principles. It’s now a trusted solution for open-source enthusiasts, home network hobbyists, researchers, educators, students, and small businesses seeking a cost-free yet powerful network security tool.”

Read about other Open-Source Projects of the Week: