Enable Open Source & Commercial Feeds with a single click!

Alert on IOCs using Suricata.

Suricata offers the capability to alert on 10's of Thousands of Indicators of Compromise including IPs, Domains, Hashes & more!, IDSTower enables you to do this with no effort!

IOC Management UI

Control Enabled Indicators via the Indicators Management Interface, set score, Enable, disable & investigate.

Control what is alerted on

Control the indicators you want Suricata to alerts you on via the Indicators Alerting Settings page.

Full Suricata Integration

IDSTower will configure Suricata to alert on the Enabled Indicators & will update Suricata with the new Indicators automatically without you having to configure anything.

indicators alerting settings

14 (and more!) Integrated Feed.

IDSTower comes integrated 14 (more coming!) Open Source & commercial feeds that both covers IDS Rules and Indicators of Compromise, just click on Enable and IDSTower will do the rest!

Built-In IOCs Life Cycle Management

IDSTower will download, parse, ingest, score & auto-expire indicators, all automatically, while still giving you the control on all of these steps when needed.

Built-In Rules Life Cycle Management

IDSTower will download, parse, ingest, enable new rule revisions, expire old rules revisions and merge all of the tunning you did to the old revisions to the new ones, all automatically.

Industry Standard Feeds pre-integrated

Emerging Threats, abuse.ch Feodo Tracker, abuse.ch SSLBL Botnet C2, abuse.ch ThreatFox, Secureworks and more!, now can be enabled with a single click.

Control update frequency, import behavior & scores

You can configure the feeds settings via the Feeds Management page, control things like update frequency, assigned indicators scores, expireation date, import behavior and more!.

why IDSTower