Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
☆1,658 | Jan 8, 2025 | Updated last year
Alternatives and similar repositories for matano
Users that are interested in matano are comparing it to the libraries listed below
- Granular, Actionable Adversary Emulation for the Cloud ☆2,267 | Updated this week
- Substation is a toolkit for routing, normalizing, and enriching security event and audit logs. ☆389 | Jan 20, 2026 | Updated last month
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules. ☆338 | Feb 13, 2026 | Updated 2 weeks ago
- Automating situational awareness for cloud penetration tests. ☆2,299 | Updated this week
- Built-in Panther detection rules and policies ☆439 | Updated this week
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o… ☆1,142 | Dec 19, 2025 | Updated 2 months ago
- Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs. ☆3,037 | Feb 24, 2026 | Updated last week
- Production-ready detection & response queries for osquery ☆600 | Aug 13, 2025 | Updated 6 months ago
- The open source AI platform for secure enterprise agents. ☆3,497 | Updated this week
- Tenzir is the data pipeline engine for security teams. ☆725 | Updated this week
- Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud envir… ☆13,160 | Updated this week
- Main Sigma Rule Repository ☆10,156 | Updated this week
- RedEye is a visual analytic tool supporting Red & Blue Team operations ☆2,740 | Oct 20, 2023 | Updated 2 years ago
- ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring su… ☆1,034 | Feb 9, 2026 | Updated 3 weeks ago
- Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing. ☆2,208 | Updated this week
- IntelOwl: manage your Threat Intelligence at scale ☆4,467 | Updated this week
- OCSF Schema ☆790 | Updated this week
- A Software as a Service (SaaS) log collection framework. ☆182 | Jan 16, 2026 | Updated last month
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur… ☆174 | Feb 22, 2026 | Updated last week
- Multi-Cloud Security Auditing Tool ☆7,551 | Sep 23, 2025 | Updated 5 months ago
- Open Source Cloud Security ☆727 | Oct 26, 2023 | Updated 2 years ago
- Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required. ☆7,717 | Updated this week
- Open Source Vulnerability Management Platform ☆6,284 | Feb 13, 2026 | Updated 2 weeks ago
- Open Source Cloud Native Application Protection Platform (CNAPP) ☆5,236 | Updated this week
- Data pipelines for cloud config and security data. Build cloud asset inventory, CSPM, FinOps, and vulnerability management solutions. Ext… ☆6,335 | Updated this week
- Malwoverview is a rapid response tool used to gather intelligence information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malsh… ☆3,547 | Jan 20, 2026 | Updated last month
- Generate datasets of cloud audit logs for common attacks ☆234 | Feb 13, 2026 | Updated 2 weeks ago
- AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE… ☆1,205 | Dec 29, 2025 | Updated 2 months ago
- ☆2,510 | Updated this week
- Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powere… ☆3,737 | Updated this week
- Open Cyber Threat Intelligence Platform ☆8,893 | Updated this week
- Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized repo… ☆2,185 | Updated this week
- Collaborative Incident Response platform ☆1,429 | Feb 16, 2026 | Updated 2 weeks ago
- Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes. ☆2,056 | May 19, 2025 | Updated 9 months ago
- MISP (core software) - Open Source Threat Intelligence and Sharing Platform ☆6,150 | Updated this week
- List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc. ☆9,405 | Oct 16, 2025 | Updated 4 months ago
- Automated Attack Simulation in the Cloud, complete with detection use cases. ☆606 | Nov 28, 2024 | Updated last year
- Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security… ☆11,213 | Feb 18, 2026 | Updated 2 weeks ago
- Open device management ☆6,101 | Updated this week