Matano Open Source Security Data Lake Logo

Matano Open Source Security Data Lake

0
Free
Visit Website

Matano Open Source Security Data Lake is an open source cloud-native security data lake, built for security teams on AWS. It offers a commercial managed Cloud SIEM for a complete enterprise Security Operations platform. Matano normalizes unstructured security logs into a structured real-time data lake in your AWS account, integrates out of the box with 50+ sources for security logs, supports Detection-as-Code using Python, allows for automatic import of Sigma detections, provides a Log Transformation Pipeline with custom VRL scripting, and ensures no vendor lock-in by using open table format (Apache Iceberg) and open schema standards (ECS) for full ownership of security data in a vendor-neutral format. Users can bring their own analytics and query the security lake directly from any Iceberg-compatible engine (AWS Athena, Snowflake, Spark, Trino, etc.) without vendor lock-in.

FEATURES

ALTERNATIVES

Browse a library of EQL analytics now natively integrated in Elasticsearch.

Free

A method for log volume reduction without losing analytical capability.

Free

Tool for deleting logs on Linux/Windows servers.

Free

Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.

Free

Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.

Free

Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.

Free

A pure Python parser for Windows Event Log files with access to File and Chunk headers, record templates, and event entries.

Free

A cloud-native SIEM platform that provides security analytics, intuitive workflow, and simplified incident response to help security teams defend against cyber threats.

Commercial