Alternatives and similar repositories for audit-userspace

Users that are interested in audit-userspace are comparing it to the libraries listed below

• linux-audit / audit-documentation
  Documentation and specifications
  ☆201Updated last year
• linux-audit / audit-kernel
  GitHub mirror of the Linux Kernel's audit repository
  ☆157Updated this week
• linux-application-whitelisting / fapolicyd
  File Access Policy Daemon
  ☆231Updated last week
• Neo23x0 / auditd
  Best Practice Auditd Configuration
  ☆1,751Updated 2 months ago
• aide / aide
  aide source code
  ☆677Updated last week
• SELinuxProject / refpolicy
  SELinux Reference Policy v2
  ☆367Updated this week
• OpenSCAP / scap-workbench
  SCAP Scanner And Tailoring Graphical User Interface
  ☆233Updated last year
• CISecurity / OVALRepo
  ☆282Updated 2 years ago
• OpenSCAP / openscap
  NIST Certified SCAP 1.2 toolkit
  ☆1,652Updated last week
• bfuzzy / auditd-attack
  A Linux Auditd rule set mapped to MITRE's Attack Framework
  ☆824Updated 5 years ago
• OISF / suricata-update
  The tool for updating your Suricata rules.
  ☆289Updated 3 months ago
• threathunters-io / laurel
  Transform Linux Audit logs for SIEM usage
  ☆811Updated last month
• Tripwire / tripwire-open-source
  Open Source Tripwire®
  ☆922Updated last year
• wazuh / wazuh-ruleset
  Wazuh - Ruleset
  ☆502Updated last year
• jasonish / evebox
  Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
  ☆481Updated 2 weeks ago
• corelight / community-id-spec
  An open standard for hashing network flows into identifiers, a.k.a "Community IDs".
  ☆193Updated last year
• StamusNetworks / scirius
  Scirius is a web application for Suricata ruleset management and threat hunting.
  ☆675Updated last month
• mrash / fwknop
  Single Packet Authorization > Port Knocking
  ☆1,297Updated 2 months ago
• shirkdog / pulledpork
  Pulled Pork for Snort and Suricata rule management (from Google code)
  ☆442Updated 4 years ago
• SELinuxProject / setools
  SELinux Policy Analysis Tools
  ☆192Updated 3 months ago
• clearlinux / cve-check-tool
  Original Automated CVE Checking Tool
  ☆212Updated 6 years ago
• pevma / SEPTun-Mark-II
  Suricata Extreme Performance Tuning guide - Mark II
  ☆121Updated 7 years ago
• jasonish / docker-suricata
  A Suricata Docker image.
  ☆313Updated this week
• microsoft / SysmonForLinux
  Sysmon for Linux
  ☆2,055Updated last week
• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆880Updated 4 months ago
• jmpsec / osctrl
  Fast and efficient osquery management
  ☆486Updated last month
• pevma / SEPTun
  Suricata Extreme Performance Tuning guide
  ☆213Updated 7 years ago
• secureworks / dalton
  Suricata, Snort and Zeek IDS rule and pcap testing system
  ☆512Updated 3 weeks ago
• idaholab / Malcolm
  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an…
  ☆449Updated last week
• Scribery / tlog
  Terminal I/O logger
  ☆363Updated 2 months ago