SIEM platforms for centralized security log management, correlation, alerting, and compliance reporting.
A Security Information and Event Management (SIEM) system with a focus on security and minimalism.
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
An alternative to the auditd daemon with goals of safety, speed, JSON output, and pluggable pipelines connecting to the Linux kernel via netlink.
Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
IBM QRadar is a SIEM solution for real-time threat detection.
A repository providing guidance on collecting security-relevant Windows event logs using Windows Event Forwarding (WEF).
A Python library and command line tool that creates interactive visualizations for log data analysis with zoom and navigation capabilities.
A framework for creating standardized cybersecurity event schemas in JSON format that enables interoperability across security tools and platforms.
A cloud-native, event-driven data pipeline toolkit for security teams that processes and routes data across AWS services with custom formatting and API enrichment capabilities.
A method for log volume reduction without losing analytical capability.
Event Log Explorer is a software solution for viewing, analyzing, and monitoring events recorded in Microsoft Windows event logs, offering advanced features and efficient filtering capabilities.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
An open source cloud-native security data lake platform for AWS that normalizes security logs into structured data with Detection-as-Code capabilities and vendor-neutral storage using open standards.
A community-led project focused on standardizing security event logs.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Serverless, real-time data analysis framework for incident detection and response.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.
A command-line tool for searching AWS CloudWatch logs using pattern matching with configurable parameters for log groups, time ranges, and regions.