SIEM

- "BASE is the Basic Analysis and Security Engine. It is based on the code from the Analysis Console for Intrusion Databases (ACID) project. This application provides a web front-end to query and analyze the alerts coming from a SNORT IDS... more

ELSA is a centralized syslog framework built on Syslog-NG, MySQL, and Sphinx full-text search. It provides a fully asynchronous web-based query interface that normalizes logs and makes searching billions of them for arbitrary strings as easy as... more

Clone Systems Inc., a pioneer in managed information security services, has initiated an open source, community-wide, software development initiative focused on information security research and development. As the proliferation of internet,... more

- "OSSIM stands for Open Source Security Information Management. Its goal is to provide a comprehensive compilation of tools which, when working together, grant network/security administrators with a detailed view over each and every aspect of... more

" Prelude collects, archives, normalizes, sorts, aggregates, correlates and reports all security-related events independently of the product brand or license giving rise to such events;

A Security Information and Event Management (SIEM)... more

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the... more

SIEM-live is a ready to go SIEM (Security Information and Event Management) system based on Open Source tools, and Debian-live.
To collect events it is using Suricata IDS/IPS, syslog as a central collector, OpenVAS to scan for... more

Smooth-Sec is a ready to-go IDS/IPS (Intrusion Detection/Prevention System) linux distribution based on the multi threaded Suricata IDS/IPS engine and Snorby, the top notch web application for network security monitoring. Smooth-Sec is built on... more

SnIPS: Snort Intrusion Analysis using Proof Strengthening
Snort is a widely used network-based intrustion detection system (IDS). It works by comparing a network packet with a set of pre-defined signatures (Snort rules) which specify... more

- "Snorby is a new and modern IDS front-end. The basic fundamental concepts behind snorby are simplicity and power. The project goal is to create a free, open source and highly competitive application for network monitoring for both... more

Subscribe to SIEM