Open Source SOC Tools

  Top SIEM Tools for SOC Analysts

Incident Management Systems
• TheHive
• FIR

Network Security Monitoring
• IDS, network metadata
‒ Suricata: IDS with network metadata and PCAP capture
‒ EVEbox: Alert triage
‒ Snort
‒ Zeek
• Full Packet Capture
‒ Moloch
‒ Google Stenographer
‒ Netsniff-ng
• Distributions
‒ Security Onion
‒ RockNSM

Endpoint monitoring / HIDS
• NXLog Community Edition: logging agent
• OSQuery
• OSSEC: HIDS
• Sysmon
• Wazuh: HIDS

Incident Response
• Kansa
• Velociraptor

Malware Sandbox and Malware Analysis
• Cuckoo Sandbox
• REMnux: Linux distribution of malware analysis tools

Threat Intelligence Platforms
• MISP
• OpenCTI

Purple Team Testing and Reporting
• Vectr

SIEM / Log Management
• Elastic Stack
‒ Elastalert: Alerting Engine

Security Orchestration, Automation and Response (SOAR)
• NSA Walkoff
• Shuffle
• Node-RED (IBM): general-purpose automation / orchestration framework

Hasnain Zaidi
