Alternatives and similar repositories for audit-userspace:

Users that are interested in audit-userspace are comparing it to the libraries listed below

• linux-audit / audit-documentation
  Documentation and specifications
  ☆189Updated last month
• linux-audit / audit-kernel
  GitHub mirror of the Linux Kernel's audit repository
  ☆146Updated last month
• linux-application-whitelisting / fapolicyd
  File Access Policy Daemon
  ☆207Updated 3 weeks ago
• SELinuxProject / refpolicy
  SELinux Reference Policy v2
  ☆314Updated last week
• bfuzzy / auditd-attack
  A Linux Auditd rule set mapped to MITRE's Attack Framework
  ☆782Updated 4 years ago
• Neo23x0 / auditd
  Best Practice Auditd Configuration
  ☆1,570Updated last month
• OpenSCAP / scap-workbench
  SCAP Scanner And Tailoring Graphical User Interface
  ☆228Updated last year
• SELinuxProject / setools
  SELinux Policy Analysis Tools
  ☆166Updated last month
• cloudflare / bpftools
  BPF Tools - packet analyst toolkit
  ☆1,202Updated 5 months ago
• OpenSCAP / openscap
  NIST Certified SCAP 1.2 toolkit
  ☆1,439Updated 2 weeks ago
• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆839Updated 2 years ago
• OISF / suricata-update
  The tool for updating your Suricata rules.
  ☆266Updated 2 months ago
• lkrg-org / lkrg
  Linux Kernel Runtime Guard
  ☆433Updated last month
• threathunters-io / laurel
  Transform Linux Audit logs for SIEM usage
  ☆748Updated this week
• wazuh / wazuh-ruleset
  Wazuh - Ruleset
  ☆437Updated 5 months ago
• pevma / SEPTun
  Suricata Extreme Performance Tuning guide
  ☆207Updated 6 years ago
• aide / aide
  aide source code
  ☆573Updated this week
• dev-sec / linux-baseline
  DevSec Linux Baseline - InSpec Profile
  ☆794Updated 6 months ago
• OwlCyberDefense / refpolicy
  refpolicy has moved to https://github.com/SELinuxProject/refpolicy
  ☆126Updated 6 years ago
• microsoft / SysinternalsEBPF
  The Linux port of the Sysinternals Sysmon tool.
  ☆255Updated last month
• Tripwire / tripwire-open-source
  Open Source Tripwire®
  ☆877Updated last year
• shirkdog / pulledpork
  Pulled Pork for Snort and Suricata rule management (from Google code)
  ☆428Updated 3 years ago
• sjvermeu / cvechecker
  Command-line utility to scan the system and report on potential vulnerabilities, based on public CVE data
  ☆261Updated last year
• OISF / libhtp
  LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.
  ☆297Updated 2 months ago
• Magentron / chkrootkit
  This program locally checks for signs of a rootkit. 'Forked' to fix false-positive for SucKIT rootkit
  ☆223Updated 2 years ago
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆101Updated 7 months ago
• jmpsec / osctrl
  Fast and efficient osquery management
  ☆418Updated last week
• facebookincubator / nvdtools
  A set of tools to work with the feeds (vulnerabilities, CPE dictionary etc.) distributed by National Vulnerability Database (NVD)
  ☆459Updated last year
• cloudflare / xdpcap
  tcpdump like XDP packet capture
  ☆712Updated 5 months ago
• containers / udica
  This repository contains a tool for generating SELinux security profiles for containers
  ☆504Updated last month