Security Operations for Open Source
Tols and platforms for managing and optimizing security operations centers (SOCs). Task: Open SourceExplore 20 curated tools and resources
Search by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
An open-source incident response case management tool that provides visualization, threat intelligence lookups, and security framework mapping in a unified workspace.
An open-source incident response case management tool that provides visualization, threat intelligence lookups, and security framework mapping in a unified workspace.
AIL Framework is a modular system for analyzing and detecting information leaks from unstructured data sources, with capabilities for data extraction, correlation, and integration with threat intelligence platforms.
AIL Framework is a modular system for analyzing and detecting information leaks from unstructured data sources, with capabilities for data extraction, correlation, and integration with threat intelligence platforms.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
A repository of officially managed detection rules for the Falco runtime security monitoring system that identifies threats, abnormal behaviors, and compliance violations through syscall and container event analysis.
A repository of officially managed detection rules for the Falco runtime security monitoring system that identifies threats, abnormal behaviors, and compliance violations through syscall and container event analysis.
An open source repository of plugins for Rapid7 InsightConnect that enables security orchestration and automation through integrations with various security tools and services.
An open source repository of plugins for Rapid7 InsightConnect that enables security orchestration and automation through integrations with various security tools and services.
An open-source platform that builds instrumented environments, simulates attacks, and integrates with Splunk for detection rule development and testing.
An open-source platform that builds instrumented environments, simulates attacks, and integrates with Splunk for detection rule development and testing.
Clinv is a command line DevSecOps asset inventory tool for tracking and managing digital assets across organizational infrastructure.
Clinv is a command line DevSecOps asset inventory tool for tracking and managing digital assets across organizational infrastructure.
SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.
SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.
AfterGlow Cloud is a Django-based web application that allows users to upload data and generate graph visualizations through a browser interface.
AfterGlow Cloud is a Django-based web application that allows users to upload data and generate graph visualizations through a browser interface.
A Windows-based workflow automation and case management application that integrates with CrowdStrike Falcon APIs to streamline security operations and incident response processes.
A Windows-based workflow automation and case management application that integrates with CrowdStrike Falcon APIs to streamline security operations and incident response processes.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
A content repository for Cortex XSOAR that provides playbooks, automation scripts, and templates for security operations automation and orchestration.
A content repository for Cortex XSOAR that provides playbooks, automation scripts, and templates for security operations automation and orchestration.
A framework for creating standardized cybersecurity event schemas in JSON format that enables interoperability across security tools and platforms.
A framework for creating standardized cybersecurity event schemas in JSON format that enables interoperability across security tools and platforms.
A collaborative and open-source incident response platform for sharing observables among analysts.
A collaborative and open-source incident response platform for sharing observables among analysts.
Unfetter is a reference implementation framework that collects events from client machines and performs CAR analytics using an ELK stack with Apache Spark to detect potential adversary activity.
Unfetter is a reference implementation framework that collects events from client machines and performs CAR analytics using an ELK stack with Apache Spark to detect potential adversary activity.
Shuffle Automation is an accessible automation platform that provides workflow automation capabilities for security operations with both self-hosted and cloud deployment options.
Shuffle Automation is an accessible automation platform that provides workflow automation capabilities for security operations with both self-hosted and cloud deployment options.
A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.
A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.
Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.
Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.
A repository of public applications for the Shuffle security orchestration platform that enables automated security workflows and integrations.
A repository of public applications for the Shuffle security orchestration platform that enables automated security workflows and integrations.