Alternatives and similar repositories for ossim

Users that are interested in ossim are comparing it to the libraries listed below

• secureworks / dalton
  Suricata, Snort and Zeek IDS rule and pcap testing system
  ☆480Updated last month
• AlienVault-OTX / OTX-Suricata
  The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…
  ☆110Updated last year
• defenxor / dsiem
  Security event correlation engine for ELK stack
  ☆440Updated last year
• sudohyak / suricata-rules
  Suricata rules for the new critical vulnerabilities
  ☆82Updated 4 years ago
• travisbgreen / hunting-rules
  Suricata rules for network anomaly detection
  ☆164Updated 2 months ago
• ezarko / opendlp
  ☆109Updated 11 years ago
• quadrantsec / sagan
  Sagan is a multi-threads, high performance log analysis engine. At it's core, Sagan similar to Suricata/Snort but with logs rather th…
  ☆176Updated 2 months ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 4 years ago
• digitalbond / Quickdraw-Snort
  Digital Bond's IDS/IPS rules for ICS and ICS protocols.
  ☆145Updated 4 years ago
• gamelinux / prads
  Passive Real-time Asset Detection System
  ☆243Updated last year
• michalpurzynski / zeek-scripts
  zeek-scripts
  ☆44Updated 6 years ago
• Patrowl / PatrowlEngines
  PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
  ☆248Updated last week
• OISF / suricata-update
  The tool for updating your Suricata rules.
  ☆274Updated 2 weeks ago
• Patrowl / PatrowlDocs
  PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform
  ☆148Updated 3 years ago
• Hestat / ossec-sysmon
  A Ruleset to enhance detection capabilities of Ossec using Sysmon
  ☆94Updated 3 years ago
• wazuh / wazuh-ruleset
  Wazuh - Ruleset
  ☆455Updated 9 months ago
• brimdata / brimcap
  Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)
  ☆82Updated 2 months ago
• SpiderLabs / IOCs-IDPS
  This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)
  ☆104Updated 3 years ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆83Updated last week
• jasonish / evebox
  Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
  ☆459Updated 3 weeks ago
• G-Research / siembol
  An open-source, real-time Security Information & Event Management tool based on big data technologies, providing a scalable, advanced sec…
  ☆207Updated 2 months ago
• SeisoLLC / zeek-kafka
  A Zeek log writer plugin that publishes to Kafka.
  ☆48Updated 5 months ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆101Updated 2 years ago
• cyware-labs / Threat-Response-Docker
  ☆43Updated 2 years ago
• ossec / ossec-rules
  A repository for OSSEC rules and decoders
  ☆54Updated last year
• mitre / attack-navigator
  Web app that provides basic navigation and annotation of ATT&CK matrices
  ☆58Updated 5 years ago
• vfeedio / pyvfeed
  Python API for vFeed Vulnerability & Threat Intelligence Database Enterprise & Pro Editions
  ☆102Updated 2 years ago
• cedricbonhomme / pyHIDS
  A HIDS (host-based intrusion detection system) for verifying the integrity of a system.
  ☆59Updated last week
• secureworks / flowsynth
  a network packet capture compiler
  ☆200Updated 3 years ago
• certego / PcapMonkey
  PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.
  ☆154Updated 3 months ago