Security Operations
Tols and platforms for managing and optimizing security operations centers (SOCs).Explore 128 curated tools and resources
Search by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
TheHive is a case management platform for security operations teams that facilitates incident response, threat analysis, and team collaboration.
TheHive is a case management platform for security operations teams that facilitates incident response, threat analysis, and team collaboration.
Anvilogic is a SIEM platform that streamlines detection engineering, offers cost-effective data management, and enhances threat detection capabilities.
Anvilogic is a SIEM platform that streamlines detection engineering, offers cost-effective data management, and enhances threat detection capabilities.
Dropzone AI is an autonomous AI agent for SOCs that performs end-to-end investigations of security alerts, integrating with existing cybersecurity tools and data sources.
Dropzone AI is an autonomous AI agent for SOCs that performs end-to-end investigations of security alerts, integrating with existing cybersecurity tools and data sources.
Exabeam Security Operations Platform is a cloud-native security platform that applies AI and automation to security operations workflows for threat detection, investigation, and response.
Exabeam Security Operations Platform is a cloud-native security platform that applies AI and automation to security operations workflows for threat detection, investigation, and response.
Anomali is an AI-Powered Security Operations Platform that delivers speed, scale, and performance at a reduced cost, combining ETL, SIEM, XDR, SOAR, and TIP to detect, investigate, respond, and remediate threats.
Anomali is an AI-Powered Security Operations Platform that delivers speed, scale, and performance at a reduced cost, combining ETL, SIEM, XDR, SOAR, and TIP to detect, investigate, respond, and remediate threats.
CrowdStrike Charlotte AI is a conversational AI assistant that accelerates security operations by automating tasks and providing faster intelligence through generative AI capabilities.
CrowdStrike Charlotte AI is a conversational AI assistant that accelerates security operations by automating tasks and providing faster intelligence through generative AI capabilities.
Darktrace is a cyber security solution that uses AI to detect and prevent cyber attacks in real-time.
Darktrace is a cyber security solution that uses AI to detect and prevent cyber attacks in real-time.
A project that uses Athena and EventBridge to investigate API activity and notify of actions for incident response and misconfiguration detection.
A project that uses Athena and EventBridge to investigate API activity and notify of actions for incident response and misconfiguration detection.
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
A mature SIEM environment is critical for successful SOAR implementation.
A mature SIEM environment is critical for successful SOAR implementation.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
Tool to disable vulnerable features in Windows and popular applications for enhanced security.
Tool to disable vulnerable features in Windows and popular applications for enhanced security.
Incident response framework focused on remote live forensics
Incident response framework focused on remote live forensics
Shuffle is a platform for automating security workflows with confidence, offering templates, collaboration tools, and a large app library.
Shuffle is a platform for automating security workflows with confidence, offering templates, collaboration tools, and a large app library.
Stronghold is the easiest way to securely configure your Mac.
A GraphQL security testing tool
A panic button app for triggering a ripple effect across apps responding to panic events
A panic button app for triggering a ripple effect across apps responding to panic events
Tool to bypass endpoint solutions blocking known 'malicious' signed applications by obtaining valid signed files with different hashes.
Tool to bypass endpoint solutions blocking known 'malicious' signed applications by obtaining valid signed files with different hashes.
Datadog offers a comprehensive suite of cybersecurity tools for various aspects of application and infrastructure monitoring.
Datadog offers a comprehensive suite of cybersecurity tools for various aspects of application and infrastructure monitoring.
Automate security incident handling and facilitate real-time activities of incident handlers.
Automate security incident handling and facilitate real-time activities of incident handlers.
PacBot is a platform for continuous compliance monitoring, compliance reporting, and security automation for the cloud, with a plugin-based data ingestion architecture.
PacBot is a platform for continuous compliance monitoring, compliance reporting, and security automation for the cloud, with a plugin-based data ingestion architecture.
A collection of AWS security architectures for various security operations.
A collection of AWS security architectures for various security operations.