We make the world's networks safer.

Is Bro an IDS? Or something more?

Since its creation Bro, has been called an intrusion detection system, but many think Bro is different and more powerful than a typical IDS. Read this white paper to learn about the differences in philosophy and architecture of Bro vs an IDS.

Get your free white paper:

We collect your email and name so we can email you this guide as a PDF. Check out our privacy policy to learn how we keep your personal information secure.

Look Inside

Is Bro an IDS?
Download the white paper to find out.

Corelight was founded by the creators and maintainers of Bro to build enterprise solutions built on the Bro Network Security Monitor. One of the confusing things about Bro is that while it’s often called an intrusion detection system (IDS), many would argue that it isn’t one at all. So, which is it, IDS or not IDS? 

Key topics covered:

  • What's an IDS?
  • How can we say that Bro is not an IDS?
    Wasn't it designed to detect intrusions?
  • Why isn't an IDS enough?
  • What about PCAP - isn't that the right tool for deep forensic analysis?
  • Network data for humans
Get your free whitepaper now