Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
Elastic is a search-powered AI company that enables users to find answers from all data in real-time at scale. It offers three solutions: Elasticsearch Platform, Observability, and Security. Elasticsearch Platform provides open and flexible enterprise solutions powered by AI. Observability accelerates problem resolution with unified observability powered by advanced ML and analytics. Security automates protection, investigation, and response at scale using a unified solution with SIEM, EDR, and cloud security. Elastic is trusted by 50% of the Fortune 500 companies, including Dish, Cisco, T-Mobile, Land Rover, and Booking.com. It provides a free trial and offers a 10X faster solution at half the price of other observability solutions, resulting in a 62% reduction in overall risk to stop ransomware and advanced threats.
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
A framework for generating log events without the need for infrastructure, allowing for simple, repeatable, and randomized log event creation.
RedELK enhances Red Team operations with SIEM capabilities to monitor and alert on Blue Team activities.