
The first integration of Suricata IDS with a purpose-built Machine Learning Scripting Engine.

A pathway forward for the Data Science Security Analyst to take advantage of today's mature and robust Suricata network detection engine while experimenting with machine learning threat models -- all bundled in a free, open source distribution.

 

OPNids STACK

The OPNids Machine Learning Engine (MLE) Platform is built on a tried-and-true open source security architecture.

 

Code & Contribution


Installation & Download Guidance

Getting started: Step by step download guidance. Download the OPNids and Machine Learning Engine images.


Get Code and Contribute on OPNids GitHub

All OPNids and MLE code is hosted at GitHub. Contribute through innovation, improvement and extension.


Report an Issue/Bug or Make a Feature Request

Report bugs, issues or make a feature request on the OPNids tracker.
 

Knowledge & Support


Acquire Knowledge

We welcome and encourage contributions to improve our documentation. Find the latest in insightful knowledge on our MLOps Blog.

View Documentation →
Read the Blog →


Ask Forum

You can ask any questions and/or share your wisdom with your fellow community members on the OPNids forum.

Visit the OPNids Forum →


Contact OPNids

Contact the OPNids maintainers. Reach out to us via email and share on our OPNids Twitter account.

Email us at project@opnids.io →
Share our Twitter →

From the Blog

Who is OPNids?

The mission of the community is to promote collaboration and innovation around the OPNids Machine Learning (ML) Engine, specifically the development and deployment of ML-based analyzers focused on cybersecurity use cases.

The sponsors believe that open source, open standards, and open collaboration breed innovative and transformative solutions to challenging problems. To this end, the OPNids community is a place for enthusiasts and professionals with an interest in data science and cybersecurity to explore, experiment, and exchange ideas.


COUNTERFLOW

CounterFlow AI builds threat-hunting solutions for world-class security operation centers (SOC). The company is redefining the art of threat hunting by utilizing machine learning and sensing at the edge of the network to drive targeting operations in real time. CounterFlow AI’s flagship product, Dragonfly Threat Sensor, is a cybersecurity platform that integrates signature inspection, machine learning, and adaptive packet capture, enabling security analysts to significantly reduce time to detection and response.

Visit Counterflow AI →


DECISO

Deciso is a highly innovative company that develops network appliances and middleware software. Their field of expertise ranges from open source firewall and UTM technology to telecommunications and business intelligence. The company was founded in 2000 with a strong focus on open source technology.

Visit Deciso →


OPEN INFORMATION SECURITY FOUNDATION

The Open Information Security Foundation (OISF) is dedicated to preserving the integrity of open source security technologies and the communities that keep them thriving. Our team and our community include world-class security and non-profit experts, programmers, and industry leaders dedicated to open source security technologies.

Visit OISF →

Community Partners


Enabling Advanced FPGA-based Host CPU Offload, 100% Packet Capture. Accolade provides the most technologically advanced 1-100GE FPGA-based host CPU offload adapters and scalable 1U platforms that enable 100% packet capture, flow classification, deduplication, packet filtering and more. Our customers are global leaders in network monitoring & cybersecurity applications as well as in the network test and measurement, telecom and video stream monitoring markets.

Visit Accolade Technologies

Suricata is a free and open source, mature, fast, and robust network threat detection engine capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline packet capture (pcap) processing. Suricata’s fast-paced community-driven development focuses on security, usability, and efficiency.

The Suricata project and code is owned and supported by the Open Information Security Foundation (OISF), a non-profit foundation committed to ensuring Suricata’s development and sustained success as an open source project.

Visit Suricata →


The Graylog project was started after a quote for basic log management from a large commercial provider made us very sad. Help us build the future of log management and be part of a project that is used by thousands of people out there every day. Graylog is a powerful log management and analysis tool that has many use cases, from monitoring SSH logins and unusual activity to debugging applications. It is based on Elasticsearch, Java, MongoDB, and Scala.

Visit Graylog →