alienfault / ossim
Open Source Security Information and Event Management
☆90Updated 9 years ago
Alternatives and similar repositories for ossim:
Users that are interested in ossim are comparing it to the libraries listed below
- Suricata rules for network anomaly detection☆156Updated last week
- zeek-scripts☆44Updated 6 years ago
- Sagan is a multi-threaded, high-performance log analysis engine. At its core, Sagan is similar to Suricata/Snort but with logs rather th…☆166Updated 2 weeks ago
- The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX accou…☆109Updated 11 months ago
- Wazuh - Splunk App☆52Updated 6 months ago
- Security event correlation engine for ELK stack☆435Updated 9 months ago
- Mapping NSM rules to MITRE ATT&CK☆70Updated 4 years ago
- DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat det…☆170Updated last year
- Suricata rules for the new critical vulnerabilities☆81Updated 4 years ago
- The tool for updating your Suricata rules.☆266Updated 3 months ago
- Wazuh - Ruleset☆438Updated 6 months ago
- Suricata, Snort and Zeek IDS rule and pcap testing system☆471Updated 2 months ago
- Docker configurations for TheHive, Cortex and 3rd party tools☆119Updated 2 years ago
- Passive Real-time Asset Detection System☆235Updated 10 months ago
- Wazuh - RESTful API☆72Updated 6 months ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆100Updated 3 years ago
- MISP Docker (XME edition)☆282Updated last year
- Scirius is a web application for Suricata ruleset management and threat hunting.☆645Updated 3 months ago
- Documentation of Cortex☆174Updated last year
- Open Source SIEM (Security Information and Event Management system).☆208Updated last year
- Snorpy is a Python script that gives a GUI interface to help those new to Snort create rules.☆61Updated 7 months ago
- Convert pcap files into richly-typed ZNG summary logs (Zeek, Suricata, and more)☆79Updated 5 months ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆105Updated last year
- Digital Bond's IDS/IPS rules for ICS and ICS protocols.☆144Updated 4 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆91Updated 2 years ago
- Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search☆449Updated 3 weeks ago
- OASIS Cyber Threat Intelligence (CTI) TC: A repository for commonly used STIX objects in order to avoid needless duplication. https://gi…☆91Updated this week
- Useful resources for Zeek (https://zeek.org/) (formerly Bro, http://bro.org/)☆31Updated 4 years ago
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform☆148Updated 2 years ago