RockNSM is the premier sensor platform for Network Security Monitoring (NSM) hunting and incident response (IR) operations. ROCK is the open-source security distribution that prioritizes being:
Above all else, ROCK exists to aid the analyst in the fight to find the
If you're already familiar with building sensors, you can jump straight into the Quickstart Guide.
See the Releases page for the latest info on ROCK 2.5.
About - project overview / background / dataflow
Install - requirements / install media / installation
Configure - configuring for your use case
Deploy - development via Ansible playbooks
Usage - basic usage overview and troubleshooting
Services - component directory and management info
Reference - concept / design, components / dataflow