siem
Turn ideas into detections your SIEM understands. Generate Sigma, KQL, and SPL rules with tests and playbooks in seconds.
DetectPack Forge turns plain-English behaviors or sample logs into production-ready detection packs — Sigma, KQL (Sentinel), SPL (Splunk) — plus tests and a response playbook, mapped to MITRE ATT&CK, fully powered by Gen AI.
select * from logs;
Open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.
Threat Detection & Incident Response Done Right. SIEM, Log Management & API Protection.
Graylog is a free and open log management platform.
Related contents:
SIEM Detection Format. The shareable detection format for security professionals.
Sigma is a generic, open, and structured detection format that allows security teams to detect relevant log events in a simple and shareable way.
Detection engineers, threat hunters and all defensive security practitioners collaborate on detection rules. The repository offers more than 3000 detection rules of different type and aims to make reliable detections accessible to all at no cost.
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.
The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Related contents:
- Sécuriser son homelab (et les PC des ados) avec Wazuh : une plateforme open source qui a tout d’une grande @ Cyril Beaufrere's LinkedIn :fr:.
- Wazuh - The FREE SIEM You Need to Try! - Installation Guide [Part 1] @ Jim's Garage's YouTube.
- You Probably Have 1000s of Vulnerabilities... Wazuh Walkthrough @ Jim's Garage's YouTube.