7 tools and resources
A collection of free shareable log samples from various systems with evidence of compromise and malicious activity, maintained by Dr. Anton Chuvakin.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
IBM QRadar is a SIEM solution for real-time threat detection.
Level 400 training to become a Microsoft Sentinel Ninja.
RedELK enhances Red Team operations with SIEM capabilities to monitor and alert on Blue Team activities.
A community-led project focused on standardizing security event logs.
Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries.