Intelligent IDS Rules Editing, Parsing & Transformation
Edit, Improve & Tune your IDS Rules
IDSTower provides a smart Rules Editing, Parsing & Transformation features, All with Integrated Built-in Suricata Documentation, helping you Analyst to Tune Rules correctly.
No Text Files!
Edit Rules Code without touching text files.
Override/Tune Options without editing Rule Code
Set Rule Priority, Target and other options without editing the rule source code!, all the changes you set through the UI will be intelligently inserted into the final rule and they will override the option if it was already set in Rule Source Code.
Integrated Options Documentation
Hover your cursor over the Question mark (?) beside each option to view its documentation.
Add Custom Tags for more Context
Insert Custom Tags to add more context to the IDS Rules, which will help your analysts triage alerts faster & better.
Do the tunning once, keep it forever
When you customize a rule through rule options, IDSTower will copy those customizations to the new rule revisions once you import them, this helps you capitalize on the continues tunning efforts done by your Analyst & Admins to the external (commercial & free) Rulesets.
Advanced Rules Transformation features
Rules Transformation allow you to alter the final rule sent to Suricata without having to edit the rule source code manually, you can use this to add more context to the alerts (eg: via tags), override keywords value like priority, add references to your analysts and much more!
Total Control over transformation settings
You can control enabled Rules transformations via settings page, choose the transformation you need.
