1550 Open source projects that are alternatives of or similar to Wazuh Ruleset

Wazuh - Docker containers

Wazuh - Kibana plugin

Wazuh - Chef cookbooks

Wazuh - The Open Source Security Platform

Wazuh - Project documentation

Wazuh - Ansible playbook

Wazuh - Tools for packages creation

Wazuh - Puppet module

Wazuh - Amazon AWS Cloudformation

SIAC is an enterprise SIEM built on open-source technology.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Daemon to ban hosts that cause multiple authentication errors

Generic Signature Format for SIEM Systems

Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

A utility to generate malicious network traffic and evaluate controls

PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform

A curated list of Site Reliability and Production Engineering resources.

A lightweight tool to score network traffic and flag anomalies

The Heroic Time Series Database

Network monitoring system written in Python and Django, designed to be extensible, programmable, scalable and easy to use by end users: once the system is configured, monitoring checks, alerts and metric collection happens automatically.

Graylog Metrics Reporter Plugins

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

osquery extensions by Trail of Bits

HOMER 7.x Front-End and API Server

Dashboard composition tooling based on the Uberfire framework

Receives HTTP webhook notifications from AlertManager and inserts them into an Elasticsearch index for searching and analysis

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

A curated collection of publicly available resources on how technology and tech-savvy organizations around the world practice Site Reliability Engineering (SRE)

SQL powered operating system instrumentation, monitoring, and analytics.

A community-oriented fork of osquery with support for cmake, public CI testing, and regular releases

System Optimizer and Monitoring, Security Auditing, Vulnerability scanner for Linux, macOS, and UNIX-based systems

Monitoring and Management Web Application for ElasticSearch instances and clusters.

Stack Exchange's Monitoring System

HOMER 7 Docker Images

INFRASTRUCTURE、OPERATION SYSTEM and APPLICATION monitoring tools for Operations.

The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.

ElasticSearch cluster metrics -> Graphite

Exceptionless server and jobs

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Real-time HTTP Intrusion Detection

A Suricata based IDS/IPS distro

Bro IDS Dockerfile

An UNOFFICIAL Git Repository of Snort Rules(IDS rules) Releases.

Hastic data management server for analyzing patterns and anomalies from Grafana

WIFI / LAN intruder detector. Check the devices connected and alert you with unknown devices. It also warns of the disconnection of "always connected" devices

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

idstools: Snort and Suricata Rule and Event Utilities in Python (Including a Rule Update Tool)

Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. It contains hundreds of controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

An extremely crude, lightweight Web Frontend for Suricata/Bro to be used with BriarIDS

Simple Implementation of Network Intrusion Detection System. KddCup'99 Data set is used for this project. kdd_cup_10_percent is used for training test. correct set is used for test. PCA is used for dimension reduction. SVM and KNN supervised algorithms are the classification algorithms of project. Accuracy : %83.5 For SVM , %80 For KNN

psad: Intrusion Detection and Log Analysis with iptables

Azure PCI PaaS Reference Architecture

immudb - world’s fastest immutable database, built on a zero trust model

Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

BSM based intrusion detection system