Open Source SOC Tools List

Security Operations Center

The full list is below, showing which products you can use for each area; I hope you will also do a bit of research on Google, that would be nice. I think this list is the best one, so let it stay here. And it is all open source :)
SOC = Security Operations Center 


Incident Management Systems
• TheHive
• FIR

Network Security Monitoring
• IDS, network metadata
‒ Suricata: IDS, network metadata, and PCAP capable
‒ EVEbox: Alert triage
‒ Snort
‒ Zeek
• Full Packet Capture
‒ Moloch (now renamed Arkime)
‒ Google Stenographer
‒ Netsniff-ng
• Distributions
‒ Security Onion
‒ RockNSM
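
As an added example (not code from the original page, nor from the Suricata or EVEbox projects), the following Python script reads Suricata EVE JSON lines and produces the kind of per-signature triage view EVEbox gives an analyst: it groups alert events by signature ID, counts them, records first/last seen and the source and destination hosts, drops low-severity noise, skips malformed lines (eve.json is frequently read while Suricata is still writing it), and pivots from an alert's 5-tuple to the matching flow record. The eve.json records, signature names, SIDs and IP addresses are constructed for illustration and do not correspond to real rules.

```python
"""Triage Suricata EVE JSON alerts by signature.

Added example, not code from the original page or from the Suricata/EVEbox
projects. All records below are constructed to resemble eve.json output;
signature names, SIDs (local-rule range) and addresses are illustrative only.
"""
import json

# Constructed eve.json lines: four alert events, one flow event, one corrupt line.
SAMPLE_EVE_LINES = [
    '{"timestamp":"2024-01-05T10:00:01.000000+0000","event_type":"alert","src_ip":"10.0.0.5","src_port":51515,"dest_ip":"203.0.113.7","dest_port":443,"proto":"TCP","alert":{"action":"allowed","signature_id":9000001,"signature":"LOCAL Outbound connection to test C2 address","category":"A Network Trojan was detected","severity":1}}',
    '{"timestamp":"2024-01-05T10:00:02.000000+0000","event_type":"alert","src_ip":"10.0.0.5","src_port":51516,"dest_ip":"203.0.113.7","dest_port":443,"proto":"TCP","alert":{"action":"allowed","signature_id":9000001,"signature":"LOCAL Outbound connection to test C2 address","category":"A Network Trojan was detected","severity":1}}',
    '{"timestamp":"2024-01-05T10:00:03.000000+0000","event_type":"alert","src_ip":"192.0.2.44","src_port":40000,"dest_ip":"10.0.0.8","dest_port":22,"proto":"TCP","alert":{"action":"allowed","signature_id":9000002,"signature":"LOCAL SSH brute force attempt","category":"Attempted Administrator Privilege Gain","severity":2}}',
    '{"timestamp":"2024-01-05T10:00:04.000000+0000","event_type":"flow","src_ip":"10.0.0.5","src_port":51515,"dest_ip":"203.0.113.7","dest_port":443,"proto":"TCP","flow":{"pkts_toserver":12,"pkts_toclient":10,"bytes_toserver":2048,"bytes_toclient":9800}}',
    '{"timestamp":"2024-01-05T10:00:05.000000+0000","event_type":"alert","src_ip":"10.0.0.9","src_port":33000,"dest_ip":"198.51.100.2","dest_port":80,"proto":"TCP","alert":{"action":"allowed","signature_id":9000003,"signature":"LOCAL Possible policy violation (P2P)","category":"Potential Corporate Privacy Violation","severity":3}}',
    'this line is not JSON and must be skipped, e.g. a half-written record',
]


def parse_eve(lines):
    """Yield parsed EVE records, silently skipping blank or malformed lines."""
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue
        if isinstance(rec, dict) and "event_type" in rec:
            yield rec


def triage_alerts(records, max_severity=2):
    """Group alert events by signature_id.

    Suricata severity is 1 (highest) to 4; alerts with severity greater than
    max_severity are dropped as low-priority noise. Result is sorted by
    severity, then by count descending, so the top entry is the first to look at.
    Timestamps share one format and offset here, so string min/max orders them.
    """
    groups = {}
    for rec in records:
        if rec.get("event_type") != "alert":
            continue
        alert = rec["alert"]
        severity = alert.get("severity", 3)
        if severity > max_severity:
            continue
        sid = alert["signature_id"]
        group = groups.setdefault(sid, {
            "sid": sid,
            "signature": alert["signature"],
            "severity": severity,
            "count": 0,
            "sources": set(),
            "destinations": set(),
            "first_seen": rec["timestamp"],
            "last_seen": rec["timestamp"],
        })
        group["count"] += 1
        group["sources"].add(rec["src_ip"])
        group["destinations"].add(rec["dest_ip"])
        group["first_seen"] = min(group["first_seen"], rec["timestamp"])
        group["last_seen"] = max(group["last_seen"], rec["timestamp"])
    return sorted(groups.values(), key=lambda g: (g["severity"], -g["count"]))


def flows_matching(records, src_ip, dest_ip, dest_port):
    """Pivot from an alert to the flow records for the same client/server pair."""
    return [
        r for r in records
        if r.get("event_type") == "flow"
        and r["src_ip"] == src_ip
        and r["dest_ip"] == dest_ip
        and r["dest_port"] == dest_port
    ]


def summarize(lines=SAMPLE_EVE_LINES, max_severity=2):
    """Parse the given eve.json lines and return the triaged signature groups."""
    records = list(parse_eve(lines))
    return triage_alerts(records, max_severity)


if __name__ == "__main__":
    for g in summarize():
        print(f"sev={g['severity']} count={g['count']:>3} sid={g['sid']} "
              f"{g['signature']} srcs={sorted(g['sources'])} "
              f"dsts={sorted(g['destinations'])} "
              f"window={g['first_seen']}..{g['last_seen']}")
```

To run it against a real sensor, replace SAMPLE_EVE_LINES with the lines of /var/log/suricata/eve.json (the default path on most installs); grouping by signature rather than reading alerts one by one is what turns thousands of repeated hits into a handful of cases to open in TheHive.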

Endpoint monitoring / HIDS
• NXLog Community Edition: logging agent
• OSQuery
• OSSEC: HIDS
• Sysmon (free Sysinternals tool, not open source)
• Wazuh: HIDS

Incident Response
• Kansa
• Velociraptor

Malware Sandbox and Malware Analysis
• Cuckoo Sandbox
• REMnux: malware analysis tools Linux distro

Threat Intelligence Platforms
• MISP
• OpenCTI

Purple Team Testing and Reporting
• Vectr

SIEM / Log Management
• Elastic Stack
‒ Elastalert: Alerting Engine

Security Orchestration Automation and Response
• NSA Walkoff
• Shuffle
• Node-RED (originally from IBM, now an OpenJS Foundation project): generalized automation / orchestration framework