Search Results for "siem"
Sort By:
Showing 22 open source projects for "siem"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Stigg | SaaS Monetization and Entitlements APIA monetization platform is a standalone middleware that sits between your application and your business applications, as part of the modern enterprise billing stack. Stigg unifies all the APIs and abstractions billing and platform engineers had to build and maintain in-house otherwise. Acting as your centralized source of truth, with a highly scalable and flexible entitlements management, rolling out any pricing and packaging change is now a self-service, risk-free, exercise.
-
1
Wazuh
The Open Source Security Platform
Wazuh is an open-source, unified security platform that delivers extended detection and response (XDR) and SIEM capabilities for on-premises, cloud, container, and endpoint environments. It provides comprehensive threat prevention, detection, integrity monitoring, incident response, and compliance monitoring. SIEM functionality to monitor security across endpoints, workloads, and containers. Centralized architecture enabling scalable deployment and unified management. ... -
2
syslog-ng
Log management solution that improves the performance of SIEM
syslog-ng is the log management solution that improves the performance of your SIEM solution by reducing the amount and improving the quality of data feeding your SIEM. With syslog-ng Store Box, you can find the answer. Search billions of logs in seconds using full text queries with Boolean operators to pinpoint critical logs. syslog-ng Store Box provides secure, tamper-proof storage and custom reporting to demonstrate compliance. syslog-ng can deliver data from a wide variety of sources to Hadoop, Elasticsearch, MongoDB, and Kafka as well as many others. syslog-ng flexibly routes log data from X sources to Y destinations. ... -
3
Sigma
Main Sigma Rule Repository
Welcome to the Sigma main rule repository. The place where detection engineers, threat hunters and all defensive security practitioners collaborate on detection rules. The repository offers more than 3000 detection rules of different type and aims to make reliable detections accessible to all at no cost. Sigma is an open-source tool for defining generic detection rules for security event logs, enabling security professionals to detect threats across platforms. -
4
Zeek
Zeek is a powerful network analysis framework
...Zeek interprets what it sees and creates compact, high-fidelity transaction logs, file content, and fully customized output, suitable for manual review on disk or in a more analyst-friendly tool like a security and information event management (SIEM) system. -
Junie, the AI coding agent by JetBrainsJunie is an AI-powered coding agent developed by JetBrains designed to enhance developer productivity by integrating directly into popular IDEs such as IntelliJ IDEA, PyCharm, and Android Studio. It supports developers by assisting with code completion, testing, and inspections, ensuring code quality and reducing debugging time.
-
5
Domain Password Spray
A tool written in PowerShell to perform password assessments
DomainPasswordSpray is a focused security tool designed to perform enterprise-scale password spraying assessments against Active Directory environments. It automates the process of attempting common or customized passwords against many accounts while respecting timing and throttling controls to reduce obvious lockout noise. The project includes features for credential list management, target selection (users, service accounts, or collections), and configurable rate limits so testers can tune... -
6
tirreno
Open-source security framework for devs and product teams
...While classic cybersecurity focuses on infrastructure and network perimeter, most breaches occur through compromised accounts and application logic abuse that bypasses firewalls, SIEM, WAFs, and other defenses. tirreno detects threats where they actually happen: inside your product. tirreno is a few-dependency, "low-tech" PHP/PostgreSQL application. After a straightforward five-minute installation, you can ingest events through API calls and immediately access a real-time threat dashboard. -
7
Python script to get the last 5 minutes of accepted traffic logs via the trendmicro email security API and send them to a syslog server Script Python para obtener los ultimos 5 minutos de logs de trafico aceptado por medio de la API de trendmicro email security y enviarlos a un servidor de syslog Crontab */5 * * * * /usr/local/bin/python3.9 /home/user/tmes-syslog_0.02.py 2>&1 > /home/user/errores.txt ------------ # API documentation # Getting Started with Trend Micro Email...
-
8
TheHive
Scalable, open source and free security incident response platform
TheHive is a scalable 3-in-1 open source and free Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. It is the perfect companion to MISP. You can synchronize it with one or multiple MISP instances to start investigations out of MISP events. You can also export an investigation's results as a MISP event to help your peers detect... -
9
RedELK
Red Team's SIEM - tool for Red Teams used for tracking and alarming
RedELK is a tracking and monitoring tool for Red Teams, providing insights into engagements and supporting real-time situational awareness for offensive operations. -
Enterprise Job Scheduling SoftwareManaging your sprawling data center and cloud with disparate native schedulers creates chaos. Achieve unparalleled control and efficiency over your entire IT environment with JAMS job orchestration tools. JAMS provides the singular, centralized platform required to overcome the complexities of disparate native schedulers. Automate, secure, and govern all your workloads, eliminating fragmented control, compliance risks, and operational bottlenecks. JAMS streamlines operations and ensures audit-ready history, transforming your enterprise automation with confidence and precision.
-
10
cybersecdocs
Cyber | Cloud Security Documents
Jus to create this project to share some of the Use ful documents like SIEM, SOAR Use cases, Incident response plan, Risk Matrix, Policy , procedures related to cyber / cloud security . -
11
Drive Badger
Open source platform for covert data exfiltration operations.
Drive Badger is a software tool for data exfiltration – which means, for copying data from the computer to external USB drive. Unlike many other tools from IT security area, it's not a Proof-of-Concept kind of tool, bringing some groundbreaking techniques. Everything, what Drive Badger does, can be as well run manually, step by step. Instead, what Drive Badger really does, is doing it all better, by putting the maximum focus on: -
12
chandrasekar Rathinam
SIEM | SOAR | Incident Response | Digital Foensics
Sharing my document like SIEM | SOAR Use Cases, Incident Response Templates, Breach Runbook, Digital Forensics Tools, Penetration testing sample reports and Infosec Policies templates to help infosec community to build the SOC | MSSP's . -
13
Snare Lite (SIEM & Logging Software)
Snare Enterprise: bit.ly/Snare-Trial
...https://www.snaresolutions.com/try-snare-for-free/ Snare Enterprise was created to keep up with the fast paced security software market. It started with the desire to create premium logging and SIEM tools that were agnostic by nature so they could be used to boost any SIEM architecture regardless of third party developers. In fact, the agnostic nature allows it to bridge gaps between multiple SIEM implementations across business units. For more on use cases, check out the Intersect Alliance website. https://www.snaresolutions.com/ Snare Enterprise’s premium features include: - Regulatory Compliance - TLS Encryption - Log Simulcasting - TCP – Guaranteed Log Delivery - USB Device Monitoring - And more! ... -
14
MozDef
MozDef: Mozilla Enterprise Defense Platform
MozDef aims to bring real-time incident response and investigation to the defensive toolkits of security operations groups in the same way that Metasploit, LAIR, and Armitage have revolutionized the capabilities of attackers. We use MozDef to ingest security events, alert us to security issues, investigate suspicious activities, handle security incidents, and visualize and categorize threat actors. The real-time capabilities allow our security personnel all over the world to work... -
15
AlienVault OSSIM
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization">
-
16
Cyberoam iView; the Intelligent Logging & Reporting solution provides organizations network visibility across multiple devices to achieve higher levels of security, data confidentiality while meeting the requirements of regulatory compliance. To know more about Cyberoam and it’s security solutions visit us at www.cyberoam.com.
-
17
LogSeCA
SIEM based tool supporting audit and security assessment
LogSECA is a tool that lies on the top of SIEM concept and on XDAS OpenGroup standard. It provides the following main capabilities: » secure and reliable retention of audit records for reliability and accountability, even in case of the source of event/log fails or the logs on it are accidentally or intentionally cancelled; » correlation of audit records in order to identify violation of security policies in the different data centres of the cloud infrastructure, which it would be impossible to do if each data centre processed events separately; » alerting and notification to the interested parties (e.g. security manager of the storage infrastructure); » control on the status of the corrective actions; » reporting at different levels (for basic audit inspection, statistical) and for different purposes (for final users, for internal purposes, for auditing). ... -
18
-
19
JMassLogProcess is an next generation SIEM solution, based on high performance syslog and snmp trap collector(up to 20,000 logs/s),Distributed File System(Hadoop),Complex Event Processing Engine and ZK …….
-
20
FileProtectorExample
EaseFilter File Access Controk SDK
The EaseFilter File Control SDK is a powerful development toolkit for creating robust, kernel-level file security and data protection solutions on the Windows platform. It includes a high-performance file system filter driver that intercepts and manages all file I/O operations in real time, giving developers deep, granular control far beyond what is possible with standard Windows APIs or Access Control Lists (ACLs). The EaseFilter Control Filter Driver provides a powerful method for... -
21
EaseFilterCPPExample
EaseFilter SDK CPP Example
A C++ file security filter driver example implemented with EaseFilter File Security Filter Driver SDK. EaseFilter Comprehensive File Security SDK is a set of file system filter driver software development kit which includes file monitor filter driver, file access control filter driver, transparent file encryption filter driver, process filter driver and registry filter driver. In a single solution, EaseFilter Comprehensive File Security SDK encompasses file security, digital rights... -
22
ProcessFilterExample
EaseFilter Process Filter Driver SDK
The EaseFilter Process Filter Driver SDK is a kernel-mode development kit designed to help developers monitor and control Windows process and thread activities. By intercepting process and thread operations at the kernel level, it enables the development of robust security applications that can prevent unauthorized or malicious processes from executing. With the Process Filter Driver, it allows you to prevent the untrusted executable binaries (malwares) from being launched, protect your...
- Previous
- You're on page 1
- Next