Security Operations for Security Monitoring
Tols and platforms for managing and optimizing security operations centers (SOCs). Task: Security MonitoringExplore 17 curated tools and resources
Search by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
Promoted • 4 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Vulnerability Management
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
WithSecure Elements Cloud is a modular cybersecurity platform that combines AI-powered software and expert services to provide comprehensive protection across endpoints, identities, and cloud environments.
WithSecure Elements Cloud is a modular cybersecurity platform that combines AI-powered software and expert services to provide comprehensive protection across endpoints, identities, and cloud environments.
An enterprise cybersecurity platform that unifies endpoint, cloud, and identity security through an integrated data lake architecture with AI-powered analysis capabilities.
An enterprise cybersecurity platform that unifies endpoint, cloud, and identity security through an integrated data lake architecture with AI-powered analysis capabilities.
A centralized management console for efficiently operating and monitoring large-scale, multitenant Logpoint SIEM deployments across customers, geographies, and organizational divisions.
A centralized management console for efficiently operating and monitoring large-scale, multitenant Logpoint SIEM deployments across customers, geographies, and organizational divisions.
A security analytics platform that integrates with Google Chronicle to deliver Autonomic Security Operations through data engineering, detection engineering, and response engineering.
A security analytics platform that integrates with Google Chronicle to deliver Autonomic Security Operations through data engineering, detection engineering, and response engineering.
Todyl is a modular cybersecurity platform that consolidates SASE, SIEM, EDR/NGAV, MXDR, and GRC capabilities into a single-agent solution with centralized management.
Todyl is a modular cybersecurity platform that consolidates SASE, SIEM, EDR/NGAV, MXDR, and GRC capabilities into a single-agent solution with centralized management.
A human risk management platform that identifies, assesses, and mitigates security risks associated with employee behavior through monitoring, targeted interventions, and comprehensive reporting.
A human risk management platform that identifies, assesses, and mitigates security risks associated with employee behavior through monitoring, targeted interventions, and comprehensive reporting.
An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.
An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.
A data curation platform that automates security data collection, transformation and routing while reducing data volume and infrastructure costs.
A data curation platform that automates security data collection, transformation and routing while reducing data volume and infrastructure costs.
A defense-in-depth security automation framework for AWS that combines threat intelligence, machine learning, and serverless technologies to prevent, detect, and respond to threats through automated security telemetry collection and analysis.
A defense-in-depth security automation framework for AWS that combines threat intelligence, machine learning, and serverless technologies to prevent, detect, and respond to threats through automated security telemetry collection and analysis.
A repository of officially managed detection rules for the Falco runtime security monitoring system that identifies threats, abnormal behaviors, and compliance violations through syscall and container event analysis.
A repository of officially managed detection rules for the Falco runtime security monitoring system that identifies threats, abnormal behaviors, and compliance violations through syscall and container event analysis.
DetectionLab is a pre-configured Windows domain environment with security tooling and logging designed for cybersecurity training and detection capability development.
DetectionLab is a pre-configured Windows domain environment with security tooling and logging designed for cybersecurity training and detection capability development.
A Certificate Transparency log monitor that alerts users when SSL/TLS certificates are issued for their domains, helping detect unauthorized certificate issuance and potential security threats.
A Certificate Transparency log monitor that alerts users when SSL/TLS certificates are issued for their domains, helping detect unauthorized certificate issuance and potential security threats.
Scumblr is a web-based security automation platform that performs periodic data source synchronization and security analysis to help organizations proactively identify and track security issues.
Scumblr is a web-based security automation platform that performs periodic data source synchronization and security analysis to help organizations proactively identify and track security issues.
Sysdig is a universal system visibility tool that provides deep monitoring and analysis capabilities for traditional systems and containerized environments through system call tracing and network activity monitoring.
Sysdig is a universal system visibility tool that provides deep monitoring and analysis capabilities for traditional systems and containerized environments through system call tracing and network activity monitoring.
RedELK is a SIEM tool designed for red teams to monitor and receive alerts about blue team detection activities during penetration testing engagements.
RedELK is a SIEM tool designed for red teams to monitor and receive alerts about blue team detection activities during penetration testing engagements.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
Falco is a CNCF graduated runtime security tool that monitors Linux kernel events and syscalls to detect abnormal behavior and security threats in cloud native environments.
Falco is a CNCF graduated runtime security tool that monitors Linux kernel events and syscalls to detect abnormal behavior and security threats in cloud native environments.