- AlienVault OSSIM: AlienVault OSSIM is a feature-rich, open-source security information and event management (SIEM) platform that includes event collection, normalization, and correlation.
- Cowrie: Cowrie is a medium-interaction SSH and Telnet honeypot designed to log brute-force attacks and the shell interaction performed by an attacker.
- FIR (Fast Incident Response): FIR is an open-source cybersecurity incident management and tracking platform. It is designed to help security teams manage and respond to security incidents by providing a collaborative environment for information sharing, analysis, and documentation, streamlining incident response workflows so that organizations can handle incidents efficiently.
- Hunting ELK (HELK): The Hunting ELK, or simply HELK, is one of the first open-source hunt platforms with advanced analytics capabilities such as a SQL declarative language, graphing, structured streaming, and even machine learning via Jupyter notebooks and Apache Spark on top of an ELK stack.
- LogRhythm: LogRhythm, Inc. is a global security intelligence company that specializes in security information and event management (SIEM), log management, network monitoring, user behavior analytics, and security analytics.
- MSTICPy (Microsoft Threat Intelligence Security Tools): MSTICPy is a set of Python tools intended for security investigations and hunting. Many of the tools originated as code in Jupyter notebooks written to solve a problem during a security investigation.
- OSSEC HIDS: OSSEC is an open-source host-based intrusion detection system that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting, and active response.
- Splunk: Splunk is a software platform that searches, analyzes, and visualizes machine-generated data from various sources.