Top Alternatives to TruKno

ThreatScout

Federated SecOps platform for threat hunting across SIEMs, EDRs & data lakes.

detections.ai Detections

Community platform for sharing and creating detection rules with AI

SOC Prime Threat Detection Marketplace

Threat detection marketplace with Sigma rules for SIEM and shift-left detection

Cyborg Security HUNTER

Threat hunting platform with free hunt packages and educational resources.

Cybereason Threat Hunting

Proactive threat hunting platform for detecting and investigating attacks

Gambit KnightGuard for Threat Hunting & Detection

AI-driven threat detection & hunting platform with MITRE ATT&CK analytics

Constella Hunter

Deep OSINT investigation tool for threat actor attribution and analysis

PacketWatch Managed Threat Hunting

Managed service with human analysts hunting threats across client networks.

Stairwell

File analysis & threat intel search engine for SOC and IR teams.

Stairwell Variant Discovery

Expands a single malware hash into full family visibility via structural analysis.

Simbian AI Threat Hunt Agent

AI agent that autonomously validates threat hunt hypotheses across enterprise data

GoSecure Titan® Threat Hunting Services

Human-led threat hunting service for uncovering hidden adversaries

Alpine Security Threat Detection

Continuous threat hunting service based on TTP analysis and EDR exploitation

The Threat Hunter Playbook

A community-driven open source project providing interactive notebooks with detection logic, adversary tradecraft, and resources organized according to MITRE ATT&CK framework for threat hunting and detection development.

Canadian Centre for Cyber Security CCCS YARA Specification

Define and validate YARA rule metadata with CCCS YARA Specification.

YaraDbg

A free web-based Yara debugger for security analysts to write hunting or detection rules with ease.

Signature-Base

YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.

YLS Language Server for YARA Language

YLS Language Server for YARA Language with comprehensive features and Python 3.8 support.

EQL Analytics Library

A library of event-based analytics written in EQL to detect adversary behaviors identified in MITRE ATT&CK, providing detection rules for the Elastic Stack.

msticpy

msticpy is a Python library for InfoSec investigation and threat hunting in Jupyter Notebooks, providing data querying, threat intelligence enrichment, analysis capabilities, and interactive visualizations.

Oriana

Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.

Alerting and Detection Strategies Framework

A framework for improving detection strategies and alert efficacy.

Telekom Security Malware Analysis Repository

Repository of scripts, signatures, and IOCs related to various malware analysis topics.