SIEM platforms for centralized security log management, correlation, alerting, and compliance reporting.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
A repository providing guidance on collecting security-relevant Windows event logs using Windows Event Forwarding (WEF).
A Python library and command line tool that creates interactive visualizations for log data analysis with zoom and navigation capabilities.
A framework for creating standardized cybersecurity event schemas in JSON format that enables interoperability across security tools and platforms.
A cloud-native, event-driven data pipeline toolkit for security teams that processes and routes data across AWS services with custom formatting and API enrichment capabilities.
A method for log volume reduction without losing analytical capability.
Event Log Explorer is a software solution for viewing, analyzing, and monitoring events recorded in Microsoft Windows event logs, offering advanced features and efficient filtering capabilities.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
An open source cloud-native security data lake platform for AWS that normalizes security logs into structured data with Detection-as-Code capabilities and vendor-neutral storage using open standards.
A community-led project focused on standardizing security event logs.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Serverless, real-time data analysis framework for incident detection and response.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.
A command-line tool for searching AWS CloudWatch logs using pattern matching with configurable parameters for log groups, time ranges, and regions.
A collection of detections for Panther SIEM with detailed setup instructions.
SysmonSearch makes event log analysis more effective by aggregating Microsoft Sysmon logs and providing detailed analysis through Elasticsearch and Kibana.
Common questions about Security Information and Event Management tools including selection guides, pricing, and comparisons.