Browse a library of EQL analytics now natively integrated in Elasticsearch since Endgame joined forces with Elastic. EQL in Elasticsearch accommodates non-security users with changes summarized in the Elasticsearch EQL documentation. Get started by installing the EQL module with Python 2.7 and 3.5+, then try a sample json file and test it with EQL commands.
FEATURES
SIMILAR TOOLS
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.