I want to buy a SIEM, but I don't know which one

This page summarizes the projects mentioned and recommended in the original post on /r/AskNetsec

Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
  • CortexDocs

    Discontinued Documentation of Cortex

    I also recommend checking out TheHive Project and Cortex. I used these in my SOC days and was super impressed with features, like linking incidents automatically based on reported IOCs. TheHive runs on elasticsearch under the hood, too.

  • TheHive

    TheHive: a Scalable, Open Source and Free Security Incident Response Platform

    I also recommend checking out TheHive Project and Cortex. I used these in my SOC days and was super impressed with features, like linking incidents automatically based on reported IOCs. TheHive runs on elasticsearch under the hood, too.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  • lme

    Discontinued Logging Made Easy

    Use something based off of a free version of Elasticsearch, like Logging Made Easy: https://github.com/ukncsc/lme or SIEMMonster or Security Onion.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts