Matano Open Source Security Data Lake Logo

Matano Open Source Security Data Lake

0
Free
SIEM
Cloud Security
Aws
Security Operations
Log Analysis
Visit Website

Matano Open Source Security Data Lake is an open source cloud-native security data lake, built for security teams on AWS. It offers a commercial managed Cloud SIEM for a complete enterprise Security Operations platform. Matano normalizes unstructured security logs into a structured real-time data lake in your AWS account, integrates out of the box with 50+ sources for security logs, supports Detection-as-Code using Python, allows for automatic import of Sigma detections, provides a Log Transformation Pipeline with custom VRL scripting, and ensures no vendor lock-in by using open table format (Apache Iceberg) and open schema standards (ECS) for full ownership of security data in a vendor-neutral format. Users can bring their own analytics and query the security lake directly from any Iceberg-compatible engine (AWS Athena, Snowflake, Spark, Trino, etc.) without vendor lock-in.

FEATURES

ALTERNATIVES

Zircolite Logo
Zircolite

Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux, XML or JSONL/NDJSON Logs.

Free
SIEM
Logpoint SIEM Logo
Logpoint SIEM

A security information and event management solution that collects, normalizes, and analyzes log data from across an organization's infrastructure to enhance threat detection and compliance reporting.

Commercial
SIEM
GrokEVT Logo
GrokEVT

GrokEVT is a tool for reading Windows event log files and converting them to a human-readable format.

Free
SIEM
Alterix Logo
Alterix

Converts Sigma and Yara rules to CRYPTTECH's SIEM query language.

Free
SIEM
nfdump Logo
nfdump

A toolset for collecting and processing netflow/ipfix and sflow data from netflow/sflow compatible devices.

Free
SIEM
Retraced Logo
Retraced

A compliant audit log tool that provides a searchable, exportable record of read/write events.

Free
SIEM
StreamAlert Logo
StreamAlert

Serverless, real-time data analysis framework for incident detection and response.

Free
SIEM
visualize_logs Logo
visualize_logs

Python library and command line tools for log visualization with interactive plots.

Free
SIEM

PINNED

Mandos Brief Newsletter Logo

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources
OSINTLeak Logo

OSINTLeak

OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

Digital Forensics
ImmuniWeb® Discovery Logo

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security