Security Onion 2025 Year in Review

2025 has been our best year ever! Let's take a look at how Security Onion has improved this year.

Security Onion 2.4.120

https://blog.securityonion.net/2025/02/security-onion-24120-now-available.html

• Community
• Added our new AI Summary feature directly into the Alerts interface
• New Local IP Lookup Feature
• Additional Zeek parsers
• ATT&CK Navigator Improvements
• Elastic Agent MSI
• Improved SOC Cases Escalation
• Updated components
• Pro
• External API (https://docs.securityonion.net/en/2.4/connect.html)

Security Onion 2.4.130

https://blog.securityonion.net/2025/03/security-onion-24130-now-available.html

• Community:
• Updated Elastic Stack including support for all Elastic integrations
• Alerts Advanced interface can now be permanently enabled
• SOC Configuration interface is now even easier to use
• Additional Zeek parsers
• Updated components
• Pro:
• Active Query Management (https://docs.securityonion.net/en/2.4/aqm.html)

Security Onion 2.4.140

https://blog.securityonion.net/2025/03/security-onion-24140-now-available.html

• Community:
• SOC Config Improvements
• Updated components

Security Onion 2.4.150

https://blog.securityonion.net/2025/05/security-onion-24150-celebrating.html

• Community:
• Improvements to Elasticsearch deletion process
• Updated components
• Pro:
• Manager of Managers (https://docs.securityonion.net/en/2.4/mom.html)

Security Onion 2.4.160

https://blog.securityonion.net/2025/06/security-onion-24160-now-available.html

• Community:
• Playbooks and Guided Analysis
• Updated components
• Pro:
• MCP Server (https://docs.securityonion.net/en/2.4/mcp.html)
• Security Onion App for Splunk (https://docs.securityonion.net/en/2.4/splunk.html)

Security Onion 2.4.170

https://blog.securityonion.net/2025/08/security-onion-24170-now-available.html

• Community:
• JA4 Support
• More dashboards
• Updated components
• Pro:
• Hypervisor (https://docs.securityonion.net/en/2.4/hypervisor.html)

Security Onion 2.4.180

https://blog.securityonion.net/2025/09/security-onion-24180-now-available.html

• Community:
• Alert on Offline Agents
• Cancel Your Own Long Running SOC Query
• Enable Static Hostname Mapping without Reverse DNS Lookups
• Updated Components
• Pro:
• Manager Hypervisor (https://docs.securityonion.net/en/2.4/hypervisor.html)
• Reporting (https://docs.securityonion.net/en/2.4/reports.html)

Security Onion 2.4.190

https://blog.securityonion.net/2025/10/security-onion-24190-now-available.html

• Community:
• Updated components
• Pro:
• More hypervisor improvements (https://docs.securityonion.net/en/2.4/hypervisor.html)
• Onion AI Assistant (https://docs.securityonion.net/en/2.4/assistant.html)

Security Onion 2.4.200

https://blog.securityonion.net/2025/12/security-onion-24200-now-available-with.html

• Community:
• Updated components
• Pro:
• Major improvements to Onion AI Assistant (https://docs.securityonion.net/en/2.4/assistant.html)

Conclusion

2025 has been our best year ever! We've got some amazing things planned for 2026 so stay tuned!