siem

Wazuh - 开源安全平台

Main Sigma Rule Repository

Free and open log management

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

DEPRECATED - MozDef: Mozilla Enterprise Defense Platform

🐳 Elastic Stack (ELK) v8+ on Docker with Compose. Pre-configured out of the box to enable Logging, Metrics, APM, Alerting, ML, and SIEM features. Up with a Single Command.

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

A collection of sources of documentation, as well as field best practices, to build/run a SOC

pfSense/OPNsense + Elastic Stack

#Awesome#Awesome Security lists for SOC/CERT/CTI

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

#Awesome#A collective list of public APIs for use in security. Contributions welcome

Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

Transform Linux Audit logs for SIEM usage

tirreno - Open Source Security Analytics. Understand, monitor, and protect your app from cyber threats, account threats, and abuse. Get started — free.

Tenzir is the data pipeline engine for security teams.

Pipelined Query Language

SIEM Tactics, Techiques, and Procedures