Wazuh
Wazuh is an open-source security platform that provides unified XDR and SIEM protection for endpoints and cloud workloads. It offers: 1. Endpoint Security: Configuration assessment, malware detection, and file integrity monitoring. 2. Threat Hunting: Log data analysis and vulnerability detection. 3. Security Operations: Incident response and regulatory compliance. 4. Cloud Security: Container security, posture management, and workload protection. The platform integrates historically separate functions into a single agent and platform architecture, covering public clouds, private clouds, and on-premise data centers. Wazuh includes real-time correlation and context for analysts, with active response capabilities for on-device remediation. As a SIEM solution, Wazuh provides monitoring, detection, and alerting of security events and incidents. It is designed to be flexible, scalable, and free from vendor lock-in, with no license costs. The platform is supported by a large community and is widely used in enterprise environments.
FEATURES
ALTERNATIVES
PacBot is a platform for continuous compliance monitoring, compliance reporting, and security automation for the cloud, with a plugin-based data ingestion architecture.
A DFIR Playbook Spec based on YAML for collaborative incident response processes.
A standardized framework for describing and classifying cybersecurity incidents
A modular incident response framework in Powershell that uses Powershell Remoting to collect data for incident response and breach hunts.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
Scalable, cost-effective application recovery to AWS.
Darktrace is a cyber security solution that uses AI to detect and prevent cyber attacks in real-time.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.