Alternatives and similar repositories for audit-userspace

Users that are interested in audit-userspace are comparing it to the libraries listed below

• linux-audit / audit-documentation
  Documentation and specifications
  ☆196Updated 3 months ago
• linux-audit / audit-kernel
  GitHub mirror of the Linux Kernel's audit repository
  ☆151Updated last month
• linux-application-whitelisting / fapolicyd
  File Access Policy Daemon
  ☆213Updated this week
• Neo23x0 / auditd
  Best Practice Auditd Configuration
  ☆1,621Updated 3 months ago
• OpenSCAP / scap-workbench
  SCAP Scanner And Tailoring Graphical User Interface
  ☆232Updated last year
• SELinuxProject / refpolicy
  SELinux Reference Policy v2
  ☆325Updated this week
• bfuzzy / auditd-attack
  A Linux Auditd rule set mapped to MITRE's Attack Framework
  ☆789Updated 4 years ago
• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆847Updated 2 years ago
• aide / aide
  aide source code
  ☆604Updated 2 weeks ago
• OISF / suricata-update
  The tool for updating your Suricata rules.
  ☆270Updated last month
• OpenSCAP / openscap
  NIST Certified SCAP 1.2 toolkit
  ☆1,498Updated last week
• Tripwire / tripwire-open-source
  Open Source Tripwire®
  ☆894Updated last year
• threathunters-io / laurel
  Transform Linux Audit logs for SIEM usage
  ☆763Updated this week
• dev-sec / linux-baseline
  DevSec Linux Baseline - InSpec Profile
  ☆809Updated 8 months ago
• microsoft / SysmonForLinux
  Sysmon for Linux
  ☆1,882Updated 2 weeks ago
• StamusNetworks / scirius
  Scirius is a web application for Suricata ruleset management and threat hunting.
  ☆649Updated last month
• OwlCyberDefense / refpolicy
  refpolicy has moved to https://github.com/SELinuxProject/refpolicy
  ☆126Updated 6 years ago
• wazuh / wazuh-ruleset
  Wazuh - Ruleset
  ☆447Updated 7 months ago
• jmpsec / osctrl
  Fast and efficient osquery management
  ☆443Updated last month
• microsoft / SysinternalsEBPF
  The Linux port of the Sysinternals Sysmon tool.
  ☆261Updated last month
• jasonish / evebox
  Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
  ☆457Updated last week
• shirkdog / pulledpork
  Pulled Pork for Snort and Suricata rule management (from Google code)
  ☆435Updated 3 years ago
• hardenedlinux / Debian-GNU-Linux-Profiles
  Debian GNU/Linux based Services Profiles
  ☆238Updated 3 years ago
• mrash / psad
  psad: Intrusion Detection and Log Analysis with iptables
  ☆400Updated last year
• pevma / SEPTun
  Suricata Extreme Performance Tuning guide
  ☆208Updated 7 years ago
• slackhq / go-audit
  go-audit is an alternative to the auditd daemon that ships with many distros
  ☆1,620Updated 3 weeks ago
• corelight / community-id-spec
  An open standard for hashing network flows into identifiers, a.k.a "Community IDs".
  ☆178Updated 7 months ago
• linux-pam / linux-pam
  Linux PAM (Pluggable Authentication Modules for Linux) project
  ☆682Updated 3 weeks ago
• CISecurity / OVALRepo
  ☆276Updated last year
• NLnetLabs / ldns
  LDNS is a DNS library that facilitates DNS tool programming
  ☆320Updated last week