Your Complete Security Operations Platform

Open-source SIEM, CSPM, WAF, and threat intelligence. From git clone to running security scans in just 5 minutes. No vendor lock-in. No complex setup.

• Wildbox @ GitHub.

Threat Detection & Incident Response Done Right. SIEM, Log Management & API Protection.

Graylog is a free and open log management platform.

• Graylog @ GitHub.

Related contents:

• Centralisation des logs : un atout clé pour la sécurité d’un SI @ IT-Connect :fr:.
• Déployez Graylog sur Debian 12 pour centraliser et analyser vos logs facilement @ IT-Connect :fr:.

The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

• Wazuh @ GitHub.

Related contents:

• Sécuriser son homelab (et les PC des ados) avec Wazuh : une plateforme open source qui a tout d’une grande @ Cyril Beaufrere's LinkedIn :fr:.
• Wazuh - The FREE SIEM You Need to Try! - Installation Guide [Part 1] @ Jim's Garage's YouTube.
• You Probably Have 1000s of Vulnerabilities... Wazuh Walkthrough @ Jim's Garage's YouTube.

Turn ideas into detections your SIEM understands. Generate Sigma, KQL, and SPL rules with tests and playbooks in seconds.

DetectPack Forge turns plain-English behaviors or sample logs into production-ready detection packs — Sigma, KQL (Sentinel), SPL (Splunk) — plus tests and a response playbook, mapped to MITRE ATT&CK, fully powered by Gen AI.

• DetectPack Forge @ GitHub.

FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.

SIEM Detection Format. The shareable detection format for security professionals.

Sigma is a generic, open, and structured detection format that allows security teams to detect relevant log events in a simple and shareable way.

Detection engineers, threat hunters and all defensive security practitioners collaborate on detection rules. The repository offers more than 3000 detection rules of different type and aims to make reliable detections accessible to all at no cost.

• Sigma @ GitHub.
• C'est la fin des antivirus @ Underscore_'s Spotify :fr:.
• 🚨 Découvrez Sigma: l'outil open-source qui révolutionne la détection de menaces ! 🚨 @ Maory SChroder's LinkedIn :fr:.

select * from logs;

Open source SIEM for instant log insights, powered by DuckDB. Analyze millions of events in seconds, right from your terminal.

• Tailpipe @ GitHub.

Extensible MacOS system telemetry generator.

MacNoise is an extensible and modular macOS system telemetry generation framework. It generates real system events (network connections, file writes, process spawns, plist mutations, TCC permission probes, and more) so security teams can validate that their EDR, SIEM, and firewall tooling detects what it is supposed to detect.

Related contents:

• Introducing MacNoise! @ 0xv1n.
• #66 @ Erreur 403 :fr:.