Matano Open Source Security Data Lake

Free
Matano Open Source Security Data Lake is an open source, cloud-native security data lake built for security teams on AWS. A commercial managed Cloud SIEM is also offered for a complete enterprise Security Operations platform. Matano normalizes unstructured security logs into a structured, real-time data lake in your own AWS account, integrates out of the box with 50+ security log sources, supports Detection-as-Code in Python, allows automatic import of Sigma detections, and provides a Log Transformation Pipeline with custom VRL scripting. Because it stores data in an open table format (Apache Iceberg) and an open schema standard (ECS), you retain full ownership of your security data in a vendor-neutral format with no vendor lock-in: you can bring your own analytics and query the lake directly from any Iceberg-compatible engine (AWS Athena, Snowflake, Spark, Trino, etc.).

ALTERNATIVES

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.

Free

A security information and event management solution that collects, normalizes, and analyzes log data from across an organization's infrastructure to enhance threat detection and compliance reporting.

Commercial

GrokEVT is a tool for reading Windows event log files and converting them to a human-readable format.

Free

Converts Sigma and Yara rules to CRYPTTECH's SIEM query language.

Free

A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.

Free

A compliant audit log tool that provides a searchable, exportable record of read/write events.

Free

Serverless, real-time data analysis framework for incident detection and response.

Free

Python library and command line tools for log visualization with interactive plots.

Free