SNORT / Suricata Subscription cost
-
Hi,
I am looking to configure SNORT, there is some documentation for beginners, thanks to the community
When I looked it seems the yearly subscription for SNORT is 30$ for home use(which is what I need it for), but there is also a free subscription when the caveat of a delay of 30 days to get an update? is this correct?
Also couldn't find the subscription cost for Suricata
Can the community kindly elighten me on the above 2 topics
Thankyou
-
There are two options for using the Snort Subscriber Rules from Cisco/Talos (they are the author and maintainer for those rules).
Option 1 is free, which you get by simply registering with an email address. But those rules are 30-days old as you mentioned. Say some new threat comes out tomorrow, for example, it will not show up in the free rules until 30 days AFTER it gets published in the paid rules.
Option 2 is the paid Snort Subscriber Rules subscription. It is $29.99 annually for home use. Commercial use is more expensive (I think around $300 per year, but I have not checked recently). The paid rules are always current, and new threats are quickly covered by the rules.
Suricata is not directly affiliated with a rules package vendor like Snort. Instead, it can ingest rules from the Snort Subscriber set or from Emerging Threats (now owned by Proofpoint). However, Emerging Threats does not offer a home license. They only offer a commercial one, and it was close to $900 per year last time I checked. It may have dropped a bit in price, but it certainly is not $30! Emerging Threats (back before Proofpoint bought them) was an energetic sponsor of the open-source team that created Suricata (OISF). So they produce a rules package customized for Suricata use. With Snort rules in Suricata, you must be aware that some of the rules will not load due to syntax differences. Snort has some keywords and functions that Suricata does not yet support. Emerging Threats also has a free version, but it is limited in coverage and lacks support for the most current threats.
-
@bmeeks Thankyou, that answers my questions, really appreciate the response