I want to buy a SIEM, but I don't know which one

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/AskNetsec.

  • CortexDocs

    Documentation of Cortex

    I also recommend checking out TheHive Project and Cortex. I used these in my SOC days and was super impressed with features, like linking incidents automatically based on reported IOCs. TheHive runs on Elasticsearch under the hood, too.

  • TheHive

    TheHive: a Scalable, Open Source and Free Security Incident Response Platform

    I also recommend checking out TheHive Project and Cortex. I used these in my SOC days and was super impressed with features, like linking incidents automatically based on reported IOCs. TheHive runs on Elasticsearch under the hood, too.

  • lme

    Logging Made Easy

    Use something based off of a free version of Elasticsearch, like Logging Made Easy: https://github.com/ukncsc/lme or SIEMMonster or Security Onion.
