Home

SNĒZ is a web interface to the popular open source IDS programs SNORT® and Suricata. It is written almost entirely in PHP, minimizing client and server software prerequisites. There is one simple configuration screen with only a handful of parameters to set. This allows for SNĒZ to be dropped onto an IDS server with a minimum number of installation steps and program requirements.
IDS output can be unified2 or JSON formats.

The main design feature of SNĒZ is the ability to filter alerts based on criteria set by, and documented by, a security analyst. Alerts are viewed and summarized in different ways, filtered, and documented until ideally no alerts remain. At any time, filters can be suppressed so that all collected alerts can be analyzed for patterns, forensics, etc.

Filters can also be used to hide noisy alerts without deleting them or suppressing them at the IDS. An effective strategy for dealing with noisy alerts can be achieved by combining alert thresholding at the IDS and filtering in SNEZ.

Basic security features include definition of regular analysts and administrators, an adjustable screen timeout, adjustable maximum sign-on attempts and lockout, and the ability to change passwords.

SNORT® is a registered trademark of Sourcefire, Inc. All rights reserved.