Browse 649 SIEM tools
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
AI-powered SOC platform for detection engineering across SIEMs & data lakes
AI-driven SOC platform with unified data lake, threat intel, and automation
SIEM platform for log management, threat detection, and security monitoring
Protects against account abuse across lifecycle using ML and risk indicators
Exabeam Security Operations Platform is a cloud-native security platform that applies AI and automation to security operations workflows for threat detection, investigation, and response.
AI security platform for testing, defending, and monitoring GenAI apps & agents
Security operations platform combining SIEM, UEBA, and SOAR capabilities
A penetration testing framework for identifying and exploiting vulnerabilities.
Threat intelligence platform providing real-time data from 300bn+ daily IPs
File integrity monitoring system detecting changes to critical files & registry
A mature SIEM environment is critical for successful SOAR implementation.
Utilizing SIEM, SOAR, and EDR technologies to enhance security operations with a focus on reducing incident response time.
Converged network security platform with NGFW, SD-WAN, SASE, and SecOps
A Security Information and Event Management (SIEM) system with a focus on security and minimalism.
Curated datasets for developing and testing detections in SIEM installations.
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.
An open source cloud-native security data lake platform for AWS that normalizes security logs into structured data with Detection-as-Code capabilities and vendor-neutral storage using open standards.
RedELK is a SIEM tool designed for red teams to monitor and receive alerts about blue team detection activities during penetration testing engagements.
A web honeypot tool for detecting and monitoring potential attacks on phpMyAdmin installations.
Falco is a CNCF graduated runtime security tool that monitors Linux kernel events and syscalls to detect abnormal behavior and security threats in cloud native environments.
A collection of detections for Panther SIEM with detailed setup instructions.