Security Information and Event Management
SIEM platforms for centralized security log management, correlation, alerting, and compliance reporting.
Explore 50 curated cybersecurity tools, with 14,802+ visitors searching for solutions
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Get Featured
Feature your product and reach thousands of professionals.
RELATED TASKS
Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.
Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
IBM QRadar is a SIEM solution for real-time threat detection.
IBM QRadar is a SIEM solution for real-time threat detection.
A repository providing guidance on collecting security-relevant Windows event logs using Windows Event Forwarding (WEF).
A repository providing guidance on collecting security-relevant Windows event logs using Windows Event Forwarding (WEF).
A Python library and command line tool that creates interactive visualizations for log data analysis with zoom and navigation capabilities.
A Python library and command line tool that creates interactive visualizations for log data analysis with zoom and navigation capabilities.
A framework for creating standardized cybersecurity event schemas in JSON format that enables interoperability across security tools and platforms.
A framework for creating standardized cybersecurity event schemas in JSON format that enables interoperability across security tools and platforms.
A cloud-native, event-driven data pipeline toolkit for security teams that processes and routes data across AWS services with custom formatting and API enrichment capabilities.
A cloud-native, event-driven data pipeline toolkit for security teams that processes and routes data across AWS services with custom formatting and API enrichment capabilities.
A method for log volume reduction without losing analytical capability.
A method for log volume reduction without losing analytical capability.
Event Log Explorer is a software solution for viewing, analyzing, and monitoring events recorded in Microsoft Windows event logs, offering advanced features and efficient filtering capabilities.
Event Log Explorer is a software solution for viewing, analyzing, and monitoring events recorded in Microsoft Windows event logs, offering advanced features and efficient filtering capabilities.
Elasticsearch is a versatile platform for centralized data storage, fast search, and scalable analytics.
Elasticsearch is a versatile platform for centralized data storage, fast search, and scalable analytics.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
An open source cloud-native security data lake platform for AWS that normalizes security logs into structured data with Detection-as-Code capabilities and vendor-neutral storage using open standards.
An open source cloud-native security data lake platform for AWS that normalizes security logs into structured data with Detection-as-Code capabilities and vendor-neutral storage using open standards.
A community-led project focused on standardizing security event logs.
A community-led project focused on standardizing security event logs.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Serverless, real-time data analysis framework for incident detection and response.
Serverless, real-time data analysis framework for incident detection and response.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.
Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.
A command-line tool for searching AWS CloudWatch logs using pattern matching with configurable parameters for log groups, time ranges, and regions.
A command-line tool for searching AWS CloudWatch logs using pattern matching with configurable parameters for log groups, time ranges, and regions.
A collection of detections for Panther SIEM with detailed setup instructions.
A collection of detections for Panther SIEM with detailed setup instructions.
Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries.
Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries.
