Alternatives and similar repositories for security-analytics

Users that are interested in security-analytics are comparing it to the libraries listed below

• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆85Updated last week
• FoxIO-LLC / LogSlash
  A standard for reducing log volume without sacrificing analytical capability
  ☆209Updated 6 months ago
• mitre / saf
  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…
  ☆162Updated this week
• Cargill / OpenSIEM-Logstash-Parsing
  SIEM Logstash parsing for more than hundred technologies
  ☆187Updated 2 weeks ago
• SumoLogic / cloud-siem-content-catalog
  ☆26Updated last week
• Shuffle / python-apps
  Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:
  ☆116Updated last week
• z1pti3 / jimi
  Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch …
  ☆167Updated last year
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆134Updated last year
• sttor / awesome-osquery
  Osquery Resources
  ☆62Updated 6 years ago
• google / osdfir-infrastructure
  Helm charts for running open source digital forensic tools in Kubernetes
  ☆114Updated 2 weeks ago
• ocsf / examples
  This repo contains example of raw event examples and possible translations to the OCSF schema.
  ☆44Updated 3 weeks ago
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆158Updated 2 weeks ago
• prowler-cloud / py-ocsf-models
  OCSF (https://schema.ocsf.io/) models in Python using Pydantic.
  ☆23Updated 3 weeks ago
• runreveal / sigmalite
  ☆47Updated 5 months ago
• panther-labs / panther-analysis
  Built-in Panther detection rules and policies
  ☆412Updated this week
• elastic / ecs-mapper
  Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
  ☆54Updated 3 years ago
• ocsf / ocsf-docs
  OCSF Documentation
  ☆137Updated 2 months ago
• zercurity / zercurity
  Manage, monitor and improve your cyber security posture.
  ☆93Updated 2 years ago
• dwillowtree / diana
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆187Updated 11 months ago
• 3CORESec / SIEGMA
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆154Updated 5 months ago
• SAP / cloud-active-defense
  Add a layer of active defense to your cloud applications.
  ☆95Updated 3 weeks ago
• ExabeamLabs / Content-Library-CIM2
  ☆25Updated this week
• elastic / elastic-agent
  Elastic Agent - single, unified way to add monitoring for logs, metrics, and other types of data to a host.
  ☆194Updated this week
• Security-Onion-Solutions / securityonion-image
  ☆50Updated last week
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆56Updated 2 years ago
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆164Updated 5 months ago
• OpenCTI-Platform / docker
  OpenCTI Docker deployment helpers
  ☆200Updated last week
• wazuh / wazuh-splunk
  Wazuh - Splunk App
  ☆56Updated 11 months ago
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆128Updated last year
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 2 months ago