Alternatives and similar repositories for streamalert

Users that are interested in streamalert are comparing it to the libraries listed below

• Netflix / security_monkey
  Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.
  ☆4,363Updated 4 years ago
• airbnb / binaryalert
  BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
  ☆1,433Updated last year
• dropbox / securitybot
  Distributed alerting for the masses!
  ☆992Updated 6 years ago
• nccgroup / Scout2
  Security auditing tool for AWS environments
  ☆1,729Updated 6 years ago
• lyft / confidant
  Confidant: your secret keeper. https://lyft.github.io/confidant
  ☆1,856Updated 7 months ago
• cartography-cncf / cartography
  Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powere…
  ☆3,563Updated this week
• Netflix / repokid
  AWS Least Privilege for Distributed, High-Velocity Deployment
  ☆1,142Updated 2 years ago
• Netflix / bless
  Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda function
  ☆2,752Updated last year
• Teevity / ice
  AWS Usage Tool
  ☆2,876Updated 2 years ago
• kolide / fleet
  A flexible control server for osquery fleets
  ☆1,104Updated 4 years ago
• tmobile / pacbot
  PacBot (Policy as Code Bot)
  ☆1,303Updated 2 years ago
• Netflix-Skunkworks / stethoscope
  Personalized, user-focused recommendations for employee information security.
  ☆2,005Updated 2 years ago
• etsy / 411
  An Alert Management Web Application
  ☆971Updated 2 years ago
• cloud-custodian / cloud-custodian
  Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resour…
  ☆5,800Updated last week
• Netflix-Skunkworks / diffy
  (DEPRECATED) Diffy is a triage tool used during cloud-centric security incidents, to help digital forensics and incident response (DFIR)…
  ☆632Updated last year
• monzo / response
  Monzo's real-time incident response and reporting tool ⚡️
  ☆1,546Updated last year
• duo-labs / cloudmapper
  CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
  ☆6,214Updated last year
• fugue / credstash
  A little utility for managing credentials in the cloud
  ☆2,063Updated 3 years ago
• Netflix-Skunkworks / sketchy
  A task based API for taking screenshots and scraping text from websites.
  ☆999Updated last year
• slackhq / go-audit
  go-audit is an alternative to the auditd daemon that ships with many distros
  ☆1,643Updated last week
• segmentio / stack
  A set of Terraform modules for configuring production infrastructure with AWS
  ☆2,098Updated 2 years ago
• PagerDuty / incident-response-docs
  PagerDuty's Incident Response Documentation.
  ☆1,031Updated 8 months ago
• mwielgoszewski / doorman
  an osquery fleet manager
  ☆618Updated 2 years ago
• etsy / morgue
  post mortem tracker
  ☆1,019Updated 5 years ago
• inspec / inspec
  InSpec: Auditing and Testing Framework
  ☆3,001Updated this week
• pinterest / knox
  Knox is a secret management service
  ☆1,247Updated 3 months ago
• salesforce / policy_sentry
  IAM Least Privilege Policy Generator
  ☆2,107Updated 2 weeks ago
• Netflix / aminator
  A tool for creating EBS AMIs. This tool currently works for CentOS/RedHat Linux images and is intended to run on an EC2 instance.
  ☆956Updated 2 years ago
• Netflix / atlas
  In-memory dimensional time series database.
  ☆3,504Updated last week
• duo-labs / cloudtracker
  CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  ☆901Updated 3 years ago