Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
Matano Open Source Security Data Lake is an open source cloud-native security data lake, built for security teams on AWS. It offers a commercial managed Cloud SIEM for a complete enterprise Security Operations platform. Matano normalizes unstructured security logs into a structured real-time data lake in your AWS account, integrates out of the box with 50+ sources for security logs, supports Detection-as-Code using Python, allows for automatic import of Sigma detections, provides a Log Transformation Pipeline with custom VRL scripting, and ensures no vendor lock-in by using open table format (Apache Iceberg) and open schema standards (ECS) for full ownership of security data in a vendor-neutral format. Users can bring their own analytics and query the security lake directly from any Iceberg-compatible engine (AWS Athena, Snowflake, Spark, Trino, etc.) without vendor lock-in.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
Logdissect is a CLI utility and Python library for analyzing log files and other data.
Investigate malicious logons by visualizing and analyzing Windows Active Directory event logs with LogonTracer.
ElastAlert is a framework for alerting on anomalies in Elasticsearch data.
AlienVault OSSIM provides an all-in-one security management solution with asset discovery, vulnerability assessment, and SIEM capabilities.
IBM QRadar is a SIEM solution for real-time threat detection.