utmstack / UTMStack
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
☆265 · Updated this week
Alternatives and similar repositories for UTMStack:
Users that are interested in UTMStack are comparing it to the libraries listed below
- Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables… (☆132 · Updated last year)
- SOCFortress CoPilot (☆268 · Updated this week)
- ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident… (☆388 · Updated this week)
- Open Source SIEM Stack (☆86 · Updated last month)
- Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis… (☆277 · Updated this week)
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr… (☆187 · Updated 3 weeks ago)
- A simple application that extracts your IoCs from garbage input and checks their reputation using multiple CTI services. (☆351 · Updated last week)
- Automation tool for Windows Deception Host Burn-In (☆85 · Updated 4 months ago)
- Analyze pcaps with Zeek and a Grafana Dashboard (☆175 · Updated 10 months ago)
- Useful scripts for those administering Wazuh (☆83 · Updated 3 months ago)
- (no description) (☆84 · Updated last week)
- MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs (☆723 · Updated last week)
- Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork! (☆718 · Updated 3 weeks ago)
- Bitor Scanning Software (☆367 · Updated last week)
- 🤖 Admyral enables continuous control monitoring for any custom control (☆326 · Updated 4 months ago)
- Logging Made Easy (LME) is a no cost, open source platform that centralizes log collection, enhances threat detection, and enables real-… (☆995 · Updated this week)
- SCuBA Secure Configuration Baselines and assessment tool for Google Workspace (☆215 · Updated this week)
- Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs an… (☆397 · Updated 2 weeks ago)
- Rapidly Search and Hunt through Linux Forensics Artifacts (☆188 · Updated last year)
- A website and framework for testing NIDS detection (☆251 · Updated 6 months ago)
- Docker image for MISP (☆125 · Updated 3 weeks ago)
- (no description) (☆73 · Updated 3 weeks ago)
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml… (☆242 · Updated this week)
- NethSecurity image and build environment (☆122 · Updated this week)
- (no description) (☆258 · Updated 4 months ago)
- BlueHound - pinpoint the security issues that actually matter (☆733 · Updated last year)
- A standard for reducing log volume without sacrificing analytical capability (☆203 · Updated last month)
- A Ruleset to enhance detection capabilities of Ossec using Sysmon (☆92 · Updated 3 years ago)
- This project is a SIEM with SIRP and Threat Intel, all in one. (☆432 · Updated 4 months ago)
- A flexible threat detection platform that simplifies rule management and deployment using K8s CronJob and Helm, but can also run standalo… (☆375 · Updated 6 months ago)