Repository navigation
siem
- Website
- Wikipedia
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Main Sigma Rule Repository
Free and open log management
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
🐳 Elastic Stack (ELK) v8+ on Docker with Compose. Pre-configured out of the box to enable Logging, Metrics, APM, Alerting, ML, and SIEM features. Up with a Single Command.
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Awesome Security lists for SOC/CERT/CTI
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
A collective list of public APIs for use in security. Contributions welcome
Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
tirreno - Open Source Application Security Analytics. Understand, monitor, and protect your application from cyber threats, account threats, and abuse. Get started — free.
Transform Linux Audit logs for SIEM usage
Tenzir is the data pipeline engine for security teams.
Pipelined Query Language
