Our great sponsors
-
OSSEC
OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
-
Wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
plgx-esp
Discontinued Community Edition of the PolyLogyx Endpoint Security Platform; An open source and extensible platform to manage and monitor endpoints, based on osqery agent
-
Not sure if it could be considered one but maybe OSSEC Host Intrusion Detection System might get you some.of the way can be found here
Check out PolyLogyx ESP ( aka EclecticIQ ER community edition) if you are familiar with Osquery this offers much of the same functionality with more Windows telemetry visibility. https://github.com/polylogyx/plgx-esp
https://github.com/ukncsc/lme is this
Related posts
- Passive log analysis software
- Help: Dashboard installation failing with "can't read etc/opensearch_dashboards.yml no such file or directory"
- Is there a work around for the Wazuh-agent installer issue with Debian 12?
- Wazuh installation assistant - Indexer installation
- "INFO: Could not connect to API id [default]: 3099 - ERROR3099 - Invalid credentials" after fresh install