Explore 64 curated tools and resources
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
An API security platform that combines discovery, compliance monitoring, and protection capabilities to defend against API attacks, automated threats, and data exposure.
A SaaS-based web application firewall that combines signature and behavioral-based threat detection to protect applications deployed across cloud, on-premises and edge environments.
An endpoint data loss prevention solution that discovers, classifies, and protects sensitive data while controlling data transfer methods and mitigating insider threats.
A centralized vulnerability lifecycle management platform that tracks security issues from discovery to closure with real-time status updates.
Pathlock is an identity security platform that provides compliance-focused governance, access management, and continuous controls monitoring across enterprise applications with particular emphasis on ERP systems.
A cloud-based web application firewall that provides protection against web attacks, DDoS mitigation, and performance optimization through CDN capabilities.
A continuous threat exposure management platform that provides automated vulnerability scanning for internet-facing assets with varying service tiers for different organizational needs.
A cloud and database asset intelligence platform that provides continuous monitoring, compliance management, and security posture assessment across hybrid cloud environments.
An AI-powered email security platform that provides multi-layered protection against phishing, malware, and other email-based threats through various deployment options.
A platform that maps enterprise attack surfaces by consolidating asset inventory, prioritizing vulnerabilities based on exposure, and providing contextual visualization of security risks.
A cloud native application protection platform that provides security monitoring and protection across cloud, on-premises, and hybrid environments.
Kiteworks is a unified platform that secures, tracks, and controls sensitive content communications across email, file sharing, managed file transfer, and web forms to ensure regulatory compliance and data protection.
XRATOR is a cybersecurity platform that continuously identifies vulnerabilities, assesses business risks, and manages security posture to align with strategic objectives and compliance requirements.
A security operations platform that provides automated threat detection, access control, and protection against various online attacks through Cloudflare integration.
An API security and monitoring platform that automatically discovers, validates, and protects API endpoints while providing comprehensive management and analytics capabilities.
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
A cloud-native application protection platform that provides comprehensive security monitoring, vulnerability management, and threat detection for cloud environments and container workloads.
A cyber risk management platform that financially quantifies cyber risks and provides actionable mitigation strategies while integrating with insurance coverage.
An enterprise API security platform that combines API discovery, protection, testing, and monitoring capabilities with contextual analysis for comprehensive API ecosystem security.
An integrated security platform that provides API discovery, runtime protection, security testing, and incident response capabilities for web applications, APIs, and AI systems.
An application security platform that provides runtime threat modeling, vulnerability management, and automated remediation workflows with a focus on identifying exploitable vulnerabilities in production environments.
An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.
A mapping tool that correlates MITRE ATT&CK techniques with atomic tests and detection rules to analyze security detection coverage.
A threat intelligence platform that monitors, analyzes, and provides detailed information about threat actors targeting non-human identities across various industries.
A Non-Human Identity Management platform that provides discovery, security, and lifecycle management for machine identities across hybrid cloud environments.
A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.
A data curation platform that automates security data collection, transformation and routing while reducing data volume and infrastructure costs.
A platform that provides visibility and security monitoring of hardware, firmware, and software components in IT infrastructure to identify supply chain risks and vulnerabilities.
A newsletter service that tracks and reports weekly changes in detection engineering rules and updates across multiple GitHub repositories.
A low-interaction honeypot that simulates network services to detect and monitor potential intrusion attempts on internal networks.
An IP address intelligence API that provides geolocation data and threat detection capabilities for IPv4 and IPv6 addresses.
A web application firewall and API security platform that combines API discovery, runtime protection, vulnerability testing, and security posture management.
An application monitoring and security platform that provides runtime visibility, threat detection, and automated response capabilities for application-layer security.
A security platform that provides monitoring, control, and protection mechanisms for organizations using generative AI and large language models.
Arkime is an open-source network capture and analysis tool that provides comprehensive network visibility, facilitating swift identification and resolution of security and network issues.
AI Access Security is a tool for managing and securing generative AI application usage in organizations, offering visibility, control, and protection features.
Akamai Hunt is a managed threat hunting service that detects and remediates evasive security risks in network environments using data analysis, AI, and expert investigation.
Kunai is a Linux-based system monitoring tool that provides real-time monitoring and threat hunting capabilities.
A GitHub App that monitors GitHub organizations or repositories for adherence to security best practices and detects policy violations.
A serverless application for creating and monitoring URL tokens with threat intelligence and customizable alerts.
A set of Bro/Zeek scripts that detect ATT&CK-based adversarial activity and raise notices.
Cybersecurity project for security monitoring of Node.js applications.
Multi-honeypot platform with various honeypots and monitoring tools.
Snort is an open source intrusion prevention system that uses rules to detect and prevent malicious network activity.
A honeypot agent for running honeypots with service and data at threatwar.com.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
Automate AWS security checks and centralize security alerts.
A comprehensive dashboard for managing and monitoring honeypots with detailed information on attack attempts and connections.
A centralized tool for security monitoring and analysis that integrates various open source big data technologies.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
A comprehensive guide to network security monitoring, teaching readers how to detect and respond to intrusions using open source software and vendor-neutral tools.
An Android-based self-defense application against forensic imaging tools like Cellebrite UFED.
A honeypot that logs NTP packets into a Redis database to detect DDoS attempts.
A Perl honeypot program for monitoring hostile traffic and wasting hackers' time.
Comprehensive suite of tools and resources by Microsoft Azure for ensuring security and protection of data and applications in the cloud.
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
Honey-Pod for SSH that logs username and password tries during brute-force attacks.
A package for capturing and analyzing network flow data and intraflow data.
Monitor WMI consumers and processes for potential malicious activity.