Alterix is a tool that converts Sigma and Yara rules to the query language of CRYPTTECH's next-generation SIEM product. Sigma is an open-source project that provides a rule format and tools for sharing detection rules for security operations. Yara helps malware researchers identify and classify malware samples. Alterix acts as a bridge between Sigma, Yara, and CRYPTTECH's SIEM, enabling security teams to use their existing rule sets with the SIEM's advanced capabilities.
FEATURES
ALTERNATIVES
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.
A collection of detections for Panther SIEM with detailed setup instructions.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
Serverless, real-time data analysis framework for incident detection and response.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
Track user activity and API usage on AWS and in hybrid and multicloud environments.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
PINNED

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.