Matano Open Source Security Data Lake
Matano Open Source Security Data Lake is an open source cloud-native security data lake, built for security teams on AWS. It offers a commercial managed Cloud SIEM for a complete enterprise Security Operations platform. Matano normalizes unstructured security logs into a structured real-time data lake in your AWS account, integrates out of the box with 50+ sources for security logs, supports Detection-as-Code using Python, allows for automatic import of Sigma detections, provides a Log Transformation Pipeline with custom VRL scripting, and ensures no vendor lock-in by using open table format (Apache Iceberg) and open schema standards (ECS) for full ownership of security data in a vendor-neutral format. Users can bring their own analytics and query the security lake directly from any Iceberg-compatible engine (AWS Athena, Snowflake, Spark, Trino, etc.) without vendor lock-in.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
A logging proxy tool created in response to the 'MongoDB Apocalypse', with Docker support.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
HonnyPotter is a WordPress plugin that logs all failed login attempts, with a caution to use it at your own risk.
Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.