- OSSEC: OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
- Wazuh: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
- plgx-esp: Discontinued Community Edition of the PolyLogyx Endpoint Security Platform; an open source and extensible platform to manage and monitor endpoints, based on the osquery agent.
Not sure if it could be considered one, but maybe OSSEC Host Intrusion Detection System might get you some of the way. It can be found here
Check out PolyLogyx ESP (aka EclecticIQ ER community edition). If you are familiar with Osquery, this offers much of the same functionality with more Windows telemetry visibility. https://github.com/polylogyx/plgx-esp
https://github.com/ukncsc/lme is this