Security Onion is a Linux-based distribution built for the purpose of network security monitoring. Monitoring the network for security-related events can be proactive, if used to identify vulnerabilities, or it can be reactive, in cases such as incident response.

Security Onion helps by providing insight into the network traffic and context around alerts.