AI-native security provider SentinelOne and network-based threat detection and response (NDR) systems vendor Stamus Networks have announced the next stage of their partnership. Through it, the two companies will deliver comprehensive go-to-market initiatives designed to better address network security pain points through AI-powered detection and response.
Stamus is based both in Indianapolis and in Paris France. Their specialization is Suricata-based network security. Suricata is an open source-based intrusion detection system and intrusion prevention system that was originally developed by the Open Information Security Foundation, with a beta release in December 2009, and the first standard release in July 2010.
Stamus then developed the Clear NDR Community system, which built upon last year’s initial beta release with a more robust architecture, expanded deployment options, and workflow improvements that make it suitable for production environments in SMBs. Clear provides them with superior network intelligence that empower security AI platforms, closes visibility gaps and reduces alert fatigue, and gives them significant enhancements in deployment flexibility, threat intelligence integration, AI integration, and incident investigation capabilities.
Clear NDR Community 1.0 builds upon last year’s initial beta release with a more robust architecture, expanded deployment options, and workflow improvements that make it suitable for production environments in both enterprise and small-to-medium sized organizations as well as researchers, educators, students, and hobbyists who wish to explore what is possible with Suricata and the network protocol monitoring logs and alerts it produces.
“With Clear NDR Community 1.0, we’re delivering on our promise to provide the most complete open and transparent network security solution that organizations can trust for many smaller environments,” said Peter Manev, co-founder and chief strategy officer at Stamus Networks. “As the only open source NDR on the market, and the only one with Suricata 8 and AI-native interfaces, it is uniquely positioned to help security teams experience the power of deep network visibility before considering an upgrade to our Enterprise edition.”
For organizations requiring enterprise-scale deployments, Stamus Networks offers Clear NDR Enterprise, which builds upon the Community edition with additional capabilities for large-scale environments with high-fidelity security and compliance incident detection, machine learning and additional AI capabilities, advanced threat hunting, and automated response workflows.
“We believe in the power of open security tools to advance the industry’s collective defense capabilities,” Manev added. “Clear NDR Community 1.0 represents our commitment to supporting both professional security teams in smaller organizations and the broader community of security enthusiasts.”
Stamus and SentinelOne found that partnering together made more sense for both, as security teams are grappling with alert fatigue, false positives, and an ever-expanding attack surface. As organizations invest heavily in AI-powered SIEMs and develop custom LLM applications for security operations, a critical blind spot has emerged. AI systems are only as effective as the data they consume. By combining Stamus’ high-confidence network threat intelligence with SentinelOne’s AI-native platform, this integration addresses these challenges gives defenders full attack visibility across network, logs, and endpoints, and lets security teams dramatically decrease mean time to response (MTTR) times.
“Organizations are discovering that their substantial AI security investments are operating with incomplete visibility,” said Eric Leblond, co-founder and CTO of Stamus Networks. “Clear NDR fills this critical gap by providing the rich, security-focused network intelligence that bolsters AI security with comprehensive network-based situational awareness. This expanded partnership with SentinelOne amplifies customers’ existing Purple AI and Singularity investments, fueling their AI with our security-focused network intelligence – not just data – pre-processed, contextualized, and optimized for AI.”
This integration complements SentinelOne’s broader ecosystem strategy and enhances their Singularity Platform with enriched network threat data from Clear NDR. This shared intelligence improves signal fidelity and contextual awareness within the Singularity Platform, reinforcing SentinelOne as a powerful AI-native powered platform where telemetry from across the security stack comes together to power comprehensive, real-time AI threat detection and response.
Clear NDR Community now introduces multiple deployment options to accommodate diverse infrastructure requirements, and a containerized version for any Linux environment. These options enable deployment on bare metal hardware or virtual machines, providing greater flexibility than the Docker-only format available in the previous beta release. Now it has been upgraded to OpenSearch 2.0 data lake for enhanced performance and reliability. Standardized interfaces enable integration of third-party generative and agentic AI, and there are over 400 visualizations and 58 new dashboards for enhanced Suricata 8 network data. UI external integration with other systems is available through configurable Deep Linking
“Understanding and managing network-level threats is essential for cyber resilience,” said Melissa K. Smith, Senior Vice President, Global Strategic Partnerships & Initiatives at SentinelOne. Our expanded partnership with Stamus Networks will help security teams to proactively identify sophisticated threats by combining best-in-class network intelligence with AI-powered detection and response from SentinelOne. Our technology partnership with Stamus exemplifies our shared commitment to delivering connected, intelligent security ecosystems empowering customers to stay ahead of today’s pressing threats.”
This joint partnership delivers several key benefits. It can correlate network behavioral data directly with endpoint, cloud, identity and GenAI telemetry and log data for comprehensive attack surface monitoring. It can also dramatically reduce false positives through high-confidence network intelligence combined with AI-powered analysis and human-level reasoning. It also enables faster identification of lateral movement, credential abuse, and sophisticated multi-stage attacks.
“At Stamus Networks, we believe that true cybersecurity strength comes from open collaboration and shared knowledge,” said Ken Gramley, CEO at Stamus. “Our commitment to transparency means empowering our customers with the ability to inspect, integrate, and influence every aspect of their network security. This approach fosters trust, facilitates deeper understanding, and enables a truly customized and adaptive defense strategy. We’re not just providing a product; we’re building a partnership with our customers, one based on shared responsibility and a common goal of achieving cyber resilience.”
The partnership builds on the successful technical integration announced in March 2025, where Clear NDR was integrated with SentinelOne’s Singularity Platform to provide automated response capabilities and centralized threat analysis.