Stamus Networks Launches Clear NDR: A New Open-Source Network Security Platform

Stamus Networks has announced the release of Clear NDR Community 1.0 — the open edition of its network detection and response platform. The launch marks the project’s evolution into a solution ready for industrial deployment.

Built on Suricata, Clear NDR is designed for network traffic monitoring, protocol analysis, and attack detection. The first public beta was introduced in 2024, and the system has since undergone a complete architectural overhaul, gained new deployment scenarios, and refined its operational workflows.

Version 1.0 offers multiple installation options: a Debian ISO with graphical interface, a headless ISO for servers, and a containerized variant for Linux, including Docker. This flexibility enables deployment on both physical servers and virtual machines.

Among the most significant enhancements are the migration to OpenSearch 2.0 for greater stability and performance, the upgrade to Suricata 8.0 with expanded protocol coverage and improved scalability, and the integration of the Model Context Protocol to connect with third-party AI-driven solutions.

For analysts, the platform now includes 58 new dashboards and more than 400 Suricata data visualizations. It features built-in threat intelligence feed integration, advanced data storage management, a streamlined investigation workflow promising “two clicks to evidence,” and a Deep Linking mechanism for seamless integration with external systems.

Additional improvements include a notification system for new releases and best-practice recommendations. Clear NDR Community 1.0 is aimed at security professionals, researchers, educators, and students working with Suricata and network logs, offering both experimentation and learning opportunities in the field of network defense.

For larger enterprises, Stamus Networks also provides Clear NDR Enterprise, an enhanced edition with advanced capabilities for large-scale infrastructures, including automated threat hunting and integration with corporate incident response processes.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy