Stamus Networks has announced the release of Clear NDR Community 1.0, an open version of its network detection and response system. This release signifies the transition of the project into the category of solutions ready for industrial operation.
Clear NDR is built on Suricata and is designed for monitoring network traffic, protocol analysis, and attack identification. The initial public beta was launched in 2024, and the system has now been enhanced with a redesigned architecture, new deployment options, and improved operational processes.
Version 1.0 offers various installation methods such as a DEBIAN ISO image with a graphical interface, an ISO image for servers without graphics, and a container version for Linux, including Docker. This flexibility allows the platform to be deployed on both physical servers and virtual machines.
Key updates include the transition to Opensearch 2.0 for improved stability and performance, an upgrade to Suricata 8.0 with expanded protocol coverage and enhanced scalability, and the introduction of Model Context Protocol for integrating third-party AI solutions.
The platform now features 58 new dashboards, over 400 Suricata data visualizations, built-in Threat Intelligence support, data management tools, an accelerated investigation process, and Deep Linking for seamless integration with external systems.
Additionally, a new notification system for releases and recommendations has been implemented. Clear NDR Community 1.0 is tailored towards network security specialists, researchers, educators, and students working with Suricata and network analysis.
Despite its open nature, Clear NDR Community 1.0 continues to support and engage with the community, providing opportunities for training in network security. The Enterprise version offers additional tools for large-scale infrastructures, including automated Threat Hunting and integration with corporate response workflows.