Solutions for collecting, analyzing, and managing security logs and events. Explore 55 curated tools and resources.
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
IBM QRadar is a SIEM solution for real-time threat detection.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
HonnyPotter is a WordPress plugin that logs all failed login attempts, with a caution to use it at your own risk.
Python library and command line tools for log visualization with interactive plots.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
A pure Python parser for Windows Event Log files with access to File and Chunk headers, record templates, and event entries.
A method for log volume reduction without losing analytical capability.
Elasticsearch is a versatile platform for centralized data storage, fast search, and scalable analytics.
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
GrokEVT is a tool for reading Windows event log files and converting them to a human-readable format.
Security-Guard helps secure microservices and serverless containers by detecting and blocking exploits.
RedELK enhances Red Team operations with SIEM capabilities to monitor and alert on Blue Team activities.
A community-led project focused on standardizing security event logs.
Track user activity and API usage on AWS and in hybrid and multicloud environments.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
Serverless, real-time data analysis framework for incident detection and response.
ELAT (Event Log Analysis Tool) is a tool that helps in analyzing Windows event logs for malware detection.
Access a repository of Analytic Stories and security guides mapped to industry frameworks, with Splunk searches, machine learning algorithms, and playbooks for threat detection and response.