securityonion
Security Monitor
An integrated security monitoring and threat hunting platform that collects, analyzes, and responds to network traffic data
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
3k stars
88 watching
515 forks
Language: Shell
last commit: 7 days ago case-managementcyber-securityendpoint-securityinformation-securityintrusion-detection-systemmonitoringnetwork-securitysecuritysecurity-toolsthreat-hunting
Related projects:
| Repository | Description | Stars |
|---|---|---|
| security-onion-solutions/securityonion-docs | A collection of Python-based documentation for security-related software solutions. | 85 |
 s-rah/onionscan | A tool designed to help users of hidden services identify operational security issues and track Dark Web sites | 2,900 |
 misp/misp | A platform for collecting, storing, and sharing structured information about cyber security incidents and threats. | 5,435 |
 opennhp/opennhp | A Zero Trust protocol that leverages resource-hiding and encryption to safeguard servers and data from attackers | 13,520 |
 splunk/security_content | Delivers threat intelligence and detection capabilities to Splunk Enterprise Security | 1,314 |
 bunkerity/bunkerweb | A next-generation web application firewall that integrates with various environments to provide out-of-the-box security for web services. | 7,068 |
 onionshare/onionshare | Anonymously shares files, hosts websites, and chats using the Tor network | 6,346 |
 thalesgroup-cert/watcher | Automated platform for discovering and analyzing cybersecurity threats targeting an organization | 869 |
 find-sec-bugs/find-sec-bugs | A plugin for static analysis of Java web applications and Android applications to identify potential security vulnerabilities. | 2,293 |
 onionbrowser/onionbrowser | A web browser that encrypts and tunnels internet traffic through the Tor network. | 2,321 |
 cilium/tetragon | A real-time security monitoring system that detects and responds to sensitive events using eBPF-based sensors and enriched with kernel and Kubernetes metadata | 3,694 |
 stamusnetworks/selks | An integrated security monitoring platform using Suricata and Elasticsearch to analyze network traffic and alerts | 1,489 |
 alexandreborges/malwoverview | A tool for analyzing malware and threat intelligence data from multiple sources | 3,012 |
 west-wind/threat-hunting-with-splunk | Provides Splunk queries to detect vulnerability exploitation attempts and subsequent compromise, including threat hunting for MITRE ATT&CK TTPs | 58 |
 thehive-project/thehive | A scalable platform for investigating and managing security incidents, providing features for collaboration, task assignment, and case management. | 3,471 |