securityonion
Security Monitor
An integrated security monitoring and threat hunting platform that collects, analyzes, and responds to network traffic data
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
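The description above says the platform collects Suricata alerts and Zeek logs and ships both to Elasticsearch for hunting, but it does not show what a hunt over those two sources looks like. The following is an added example, written here and not code from the Security Onion project: it reads Suricata EVE JSON alert events and Zeek conn.log records (constructed sample lines, not real sensor output), joins them on the Community ID flow hash, and enriches high-severity alerts with flow duration and byte counts so an analyst can tell a one-packet scan from a long-lived, high-volume session. The field names follow the Suricata EVE and Zeek JSON schemas; that both engines emit `community_id` is an assumption about the sensor configuration, and the thresholds and signature IDs are illustrative values, not rules from any ruleset.

```python
import json
from collections import defaultdict

# Constructed sample input, not data from a real Security Onion deployment.
# Suricata EVE JSON: one line per event; only event_type "alert" matters here.
# Signature IDs and names are made up for the example; IPs are documentation ranges.
SURICATA_EVE = "\n".join([
    json.dumps({"timestamp": "2024-01-15T10:00:01.000000+0000", "event_type": "alert",
                "src_ip": "10.0.0.5", "src_port": 51234, "dest_ip": "203.0.113.10",
                "dest_port": 443, "proto": "TCP", "community_id": "1:flowA=",
                "alert": {"signature_id": 9000001, "signature": "EXAMPLE Outbound beacon", "severity": 1}}),
    json.dumps({"timestamp": "2024-01-15T10:00:02.000000+0000", "event_type": "flow",
                "src_ip": "10.0.0.7", "dest_ip": "10.0.0.1", "community_id": "1:flowB="}),
    json.dumps({"timestamp": "2024-01-15T10:00:03.000000+0000", "event_type": "alert",
                "src_ip": "10.0.0.9", "src_port": 40000, "dest_ip": "198.51.100.3",
                "dest_port": 80, "proto": "TCP", "community_id": "1:flowC=",
                "alert": {"signature_id": 9000002, "signature": "EXAMPLE Informational probe", "severity": 3}}),
    json.dumps({"timestamp": "2024-01-15T10:00:04.000000+0000", "event_type": "alert",
                "src_ip": "10.0.0.11", "src_port": 40001, "dest_ip": "192.0.2.8",
                "dest_port": 22, "proto": "TCP", "community_id": "1:flowD=",
                "alert": {"signature_id": 9000003, "signature": "EXAMPLE SSH brute force", "severity": 2}}),
    "{this line is truncated",  # a damaged line must be skipped, not abort the hunt
])

# Zeek conn.log in JSON form. community_id is assumed to be enabled on the sensor.
ZEEK_CONN = "\n".join([
    json.dumps({"ts": 1705312801.0, "uid": "CA1", "id.orig_h": "10.0.0.5", "id.resp_h": "203.0.113.10",
                "id.resp_p": 443, "proto": "tcp", "duration": 3600.5, "orig_bytes": 2048,
                "resp_bytes": 5242880, "conn_state": "SF", "community_id": "1:flowA="}),
    json.dumps({"ts": 1705312802.0, "uid": "CA2", "id.orig_h": "10.0.0.7", "id.resp_h": "10.0.0.1",
                "id.resp_p": 53, "proto": "udp", "duration": 0.01, "orig_bytes": 60,
                "resp_bytes": 120, "conn_state": "SF", "community_id": "1:flowB="}),
    json.dumps({"ts": 1705312803.0, "uid": "CA3", "id.orig_h": "10.0.0.9", "id.resp_h": "198.51.100.3",
                "id.resp_p": 80, "proto": "tcp", "duration": 0.5, "orig_bytes": 300,
                "resp_bytes": 1200, "conn_state": "SF", "community_id": "1:flowC="}),
])


def parse_json_lines(text):
    """Yield one dict per newline-delimited JSON record; silently skip lines that do not parse."""
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            continue


def index_conn_by_community_id(conn_text):
    """Map community_id -> list of Zeek conn records (the same hash can recur across flows)."""
    idx = defaultdict(list)
    for rec in parse_json_lines(conn_text):
        cid = rec.get("community_id")
        if cid:
            idx[cid].append(rec)
    return idx


def hunt(eve_text, conn_text, max_severity=2, long_lived_secs=600, high_volume_bytes=1_000_000):
    """Return Suricata alerts at or above the given severity, enriched with their Zeek flow.

    Suricata severity is 1 for the most severe. A matched flow is tagged
    'long_lived' if it exceeds long_lived_secs and 'high_volume' if the two
    byte counters together exceed high_volume_bytes; otherwise 'matched'.
    Alerts with no conn.log record are kept and tagged 'no_flow' so the
    visibility gap is itself surfaced to the analyst.
    """
    conn_idx = index_conn_by_community_id(conn_text)
    findings = []
    for ev in parse_json_lines(eve_text):
        if ev.get("event_type") != "alert":
            continue
        alert = ev.get("alert", {})
        if alert.get("severity", 99) > max_severity:
            continue
        cid = ev.get("community_id")
        flows = conn_idx.get(cid, [])
        finding = {
            "sid": alert.get("signature_id"),
            "signature": alert.get("signature"),
            "severity": alert.get("severity"),
            "src": f'{ev.get("src_ip")}:{ev.get("src_port")}',
            "dst": f'{ev.get("dest_ip")}:{ev.get("dest_port")}',
            "community_id": cid,
            "flow": None,
            "tags": ["no_flow"],
        }
        if flows:
            flow = flows[0]  # first matching flow; a real hunt would pick by timestamp proximity
            duration = flow.get("duration", 0.0)
            total_bytes = flow.get("orig_bytes", 0) + flow.get("resp_bytes", 0)
            tags = []
            if duration > long_lived_secs:
                tags.append("long_lived")
            if total_bytes > high_volume_bytes:
                tags.append("high_volume")
            finding["flow"] = {"uid": flow.get("uid"), "duration": duration,
                               "total_bytes": total_bytes, "conn_state": flow.get("conn_state")}
            finding["tags"] = tags or ["matched"]
        findings.append(finding)
    return findings


if __name__ == "__main__":
    for f in hunt(SURICATA_EVE, ZEEK_CONN):
        print(f["severity"], f["signature"], f["src"], "->", f["dst"], f["tags"])
```

Joining on `community_id` is what lets the same pivot work from the alert to the flow, to the Zeek protocol logs, and finally to the PCAP, which is the workflow the platform's hunting and PCAP interfaces are built around. Raising `max_severity` widens the net; the `no_flow` tag is worth keeping because an alert with no corresponding conn record usually means the sensor dropped packets or the two engines see different traffic.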
3k stars
87 watching
510 forks
Language: Shell
last commit: 4 days ago
Topics: case-management, cyber-security, endpoint-security, information-security, intrusion-detection-system, monitoring, network-security, security, security-tools, threat-hunting
Related projects:
Repository | Description | Stars |
---|---|---|
security-onion-solutions/securityonion-docs | The documentation for Security Onion (the source behind docs.securityonion.net). | 84 |
s-rah/onionscan | A tool designed to help users of hidden services identify operational security issues and track Dark Web sites | 2,883 |
misp/misp | A platform designed to facilitate the structured sharing of cyber security indicators and threats among analysts and security professionals. | 5,387 |
opennhp/opennhp | A Zero Trust networking protocol that hides servers and data from attackers by using cryptography at OSI layer 5 (the session layer). | 13,513 |
splunk/security_content | Delivers threat intelligence and detection capabilities to Splunk Enterprise Security | 1,295 |
bunkerity/bunkerweb | A next-generation web application firewall that integrates with various environments to provide out-of-the-box security for web services. | 6,540 |
onionshare/onionshare | Anonymously shares files, hosts websites, and chats using the Tor network | 6,316 |
thalesgroup-cert/watcher | Automated platform for discovering and analyzing cybersecurity threats targeting an organization | 862 |
find-sec-bugs/find-sec-bugs | A plugin for static analysis of Java web applications and Android applications to identify potential security vulnerabilities. | 2,283 |
onionbrowser/onionbrowser | A web browser that encrypts and tunnels internet traffic through the Tor network for enhanced privacy on mobile devices | 2,310 |
cilium/tetragon | A real-time security monitoring system that detects and responds to sensitive events using eBPF-based sensors and enriched with kernel and Kubernetes metadata | 3,652 |
stamusnetworks/selks | An integrated security monitoring platform using Suricata and Elasticsearch to analyze network traffic and alerts | 1,479 |
alexandreborges/malwoverview | An automated tool for threat hunting and malware analysis | 2,967 |
west-wind/threat-hunting-with-splunk | Provides Splunk queries to detect vulnerability exploitation attempts and subsequent compromise, including threat hunting for MITRE ATT&CK TTPs | 57 |
thehive-project/thehive | A scalable platform for investigating and managing security incidents, providing features for collaboration, task assignment, and case management. | 3,446 |