Security Monitoring
Browse 134 security monitoring tools
FEATURED
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
A library of event-based analytics written in EQL to detect adversary behaviors identified in MITRE ATT&CK, providing detection rules for the Elastic Stack.
A library of event-based analytics written in EQL to detect adversary behaviors identified in MITRE ATT&CK, providing detection rules for the Elastic Stack.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
A low-interaction SSH honeypot written in C that simulates SSH services to capture and log unauthorized access attempts.
A low-interaction SSH honeypot written in C that simulates SSH services to capture and log unauthorized access attempts.
Security Monkey monitors AWS, GCP, and OpenStack environments for policy changes and insecure configurations, providing historical tracking and alerting capabilities through a centralized interface.
Security Monkey monitors AWS, GCP, and OpenStack environments for policy changes and insecure configurations, providing historical tracking and alerting capabilities through a centralized interface.
A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.
A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
Dagda is a Docker security tool that performs static vulnerability analysis of container images and monitors running containers for malicious threats and anomalous activities.
Dagda is a Docker security tool that performs static vulnerability analysis of container images and monitors running containers for malicious threats and anomalous activities.
Falco is a CNCF graduated runtime security tool that monitors Linux kernel events and syscalls to detect abnormal behavior and security threats in cloud native environments.
Falco is a CNCF graduated runtime security tool that monitors Linux kernel events and syscalls to detect abnormal behavior and security threats in cloud native environments.
Honey-Pod for SSH that logs username and password tries during brute-force attacks.
Honey-Pod for SSH that logs username and password tries during brute-force attacks.
Fleet is an open-source endpoint management platform that provides device management, vulnerability reporting, and security monitoring capabilities for IT and security teams managing large computer environments.
Fleet is an open-source endpoint management platform that provides device management, vulnerability reporting, and security monitoring capabilities for IT and security teams managing large computer environments.
A package for capturing and analyzing network flow data and intraflow data.
A package for capturing and analyzing network flow data and intraflow data.
Monitor WMI consumers and processes for potential malicious activity
Monitor WMI consumers and processes for potential malicious activity
