Alternatives and similar repositories for audit-userspace:

Users that are interested in audit-userspace are comparing it to the libraries listed below

• linux-audit / audit-documentation
  Documentation and specifications
  ☆187Updated this week
• linux-audit / audit-kernel
  GitHub mirror of the Linux Kernel's audit repository
  ☆144Updated last week
• linux-application-whitelisting / fapolicyd
  File Access Policy Daemon
  ☆207Updated last week
• Neo23x0 / auditd
  Best Practice Auditd Configuration
  ☆1,547Updated 3 months ago
• SELinuxProject / refpolicy
  SELinux Reference Policy v2
  ☆311Updated last week
• bfuzzy / auditd-attack
  A Linux Auditd rule set mapped to MITRE's Attack Framework
  ☆778Updated 4 years ago
• OISF / suricata-update
  The tool for updating your Suricata rules.
  ☆262Updated last month
• OpenSCAP / scap-workbench
  SCAP Scanner And Tailoring Graphical User Interface
  ☆228Updated 11 months ago
• jmpsec / osctrl
  Fast and efficient osquery management
  ☆406Updated this week
• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆837Updated 2 years ago
• microsoft / SysmonForLinux
  Sysmon for Linux
  ☆1,799Updated last week
• microsoft / SysinternalsEBPF
  The Linux port of the Sysinternals Sysmon tool.
  ☆253Updated this week
• threathunters-io / laurel
  Transform Linux Audit logs for SIEM usage
  ☆733Updated this week
• OpenSCAP / openscap
  NIST Certified SCAP 1.2 toolkit
  ☆1,412Updated 2 weeks ago
• shirkdog / pulledpork
  Pulled Pork for Snort and Suricata rule management (from Google code)
  ☆424Updated 3 years ago
• pevma / SEPTun
  Suricata Extreme Performance Tuning guide
  ☆205Updated 6 years ago
• sjvermeu / cvechecker
  Command-line utility to scan the system and report on potential vulnerabilities, based on public CVE data
  ☆259Updated last year
• jasonish / evebox
  Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
  ☆438Updated this week
• OwlCyberDefense / refpolicy
  refpolicy has moved to https://github.com/SELinuxProject/refpolicy
  ☆126Updated 6 years ago
• bro / bro
  Mirror of https://github.com/zeek/zeek
  ☆169Updated last year
• OISF / suricata-verify
  Suricata Verification Tests - Testing Suricata Output
  ☆104Updated this week
• redcanaryco / redcanary-ebpf-sensor
  Red Canary's eBPF Sensor
  ☆101Updated 6 months ago
• CISecurity / OVALRepo
  ☆271Updated last year
• rocknsm / rock
  Automated deployment scripts for the RockNSM network hunting distribution.
  ☆448Updated last year
• cloudflare / bpftools
  BPF Tools - packet analyst toolkit
  ☆1,199Updated 4 months ago
• cormander / tpe-lkm
  Trusted Path Execution (TPE) Linux Kernel Module
  ☆157Updated 5 years ago
• teoseller / osquery-attck
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆786Updated last year
• lkrg-org / lkrg
  Linux Kernel Runtime Guard
  ☆419Updated last month
• fedora-selinux / selinux-policy
  selinux-policy for Fedora is a large patch off the mainline
  ☆168Updated this week
• SELinuxProject / selinux-notebook
  The SELinux Notebook
  ☆580Updated 2 weeks ago