We talked about Lawmaker in this blog before. Since then a lot has changed and in this blog post we'll go over some of the changes and features that made their way into the platform.
If you're just learning about Lawmaker, allow us to give you some background.
One year ago we decided we wanted to do something around Suricata rule and ruleset management. Our goal was to have a simple web application where we could control our suppresses, thresholds and beautify some of the things that go into managing a fleet of Suricata sensors.
Very early on in the process we decided that the effort that would go into developing this for ourselves wouldn't be much different if we decided to open it to the public.
400 backend and 300 frontend commits later, countless hours in Google Meet and so many failed builds we lost track, today is the day that we feel confident enough to share what took us 1 year to develop. Today is the day we open Lawmaker to the public!
What initially seemed like a pretty straight forward development ("ah, it's just generating a handful of text files. How hard can it be?") quickly became a complex project where we were dealing with multi-tenancy, role-based access control, API keys, a subscription system and much more.
Lawmaker is probably the best example of our posture towards information security. No BS! No charges for licensing that become prohibitive for small companies or professionals to use. Not accepting the status quo and bringing something new to the way things are done. To everyone!
Features of Lawmaker
- Manage disable, enable and thresholds - The files you need, with a user interface that you'll love
- BPF Filters - Managing your conditions for bypass of traffic in Suricata was never this easy
- Ruleset Sources - suricata-update is awesome and with this feature you get to manage it alongside everything else
- Activity Monitor - Keep an eye on everything that is happening in your tenants, across all users
- lawmaker-agent - A lightweight Bash script that runs on your sensors; Easy on resources (no dependencies!) and capable of running your entire Suricata system
- Guest Accounts - Invite people to work on your Suricata deployment; Invite the compliance team to have a read-only insight into how things are configured
- Multi-tenant - All of the features explained above within a multi-tenant architecture that allows you to manage unlimited Suricata deployments from a single account
All of it is already in the platform and much more is coming until the end of the year! No hidden pricing, contracts or dealing with "sales engineers". Sign up when you want and terminate your subscription when you don't feel like using it anymore.
Every new account in Lawmaker has a 7 day free trial! Give it a go. At work or in your own lab setup, you can quickly start using Lawmaker alongside your vanilla Suricata deployment.
It gets better though! Are you a non-profit using Suricata? Or maybe a researcher that is sharing work (blog posts, IDS signatures, PCAPs, etc) with the community? Reach out to us or DM us on Twitter and we'll set you up with voucher for lifetime free usage of the platform.
We hope you like it and we're looking forward to improving the platform with your feedback!