Anvilogic Logo

Anvilogic

0
Commercial
Visit Website

Anvilogic is a multi-data platform SIEM designed to enhance detection engineering processes. It offers pre-built detection rules and a detection-as-code builder to improve detection accuracy and optimize lifecycle management. The platform allows teams to use existing SIEM solutions like Splunk or Azure while adopting cost-effective data lake solutions such as Snowflake. Anvilogic aims to reduce SIEM licensing costs by decoupling logging from security analytics. It provides features for building, deploying, and maintaining detections, potentially saving time in these processes. The tool includes capabilities for improving ATT&CK coverage and closing detection gaps for high-priority threats. It offers a low/no-code builder and AI chatbot to assist in the detection engineering process. Anvilogic includes features for allowlisting, version control, and easy rollout of detections.

FEATURES

ALTERNATIVES

jimi is an orchestration automation tool for multi-team collaboration and automation in IT/Security operations, Development, and CI/CD pipelines.

Templates for incident response run-books tailored for AWS environments based on NIST guidelines.

Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.

Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.

Tool to bypass endpoint solutions blocking known 'malicious' signed applications by obtaining valid signed files with different hashes.

Python command line utility for incident response in AWS

A collection of incident response methodologies for various security incidents, providing easy-to-use operational best practices.

A collection of Cyber Incident Response Playbook Battle Cards (PBC) for combating cyber threats and attacks, following a prescriptive approach inspired by CERT Societe Generale's IRM.

PINNED