Search Results for "correlation"
Sort By:
Showing 20 open source projects for "correlation"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Easily Host LLMs and Web Apps on Cloud RunRun frontend and backend services, batch jobs, host LLMs, and queue processing workloads without the need to manage infrastructure. Cloud Run gives you on-demand GPU access for hosting LLMs and running real-time AI—with 5-second cold starts and automatic scale-to-zero so you only pay for actual usage. New customers get $300 in free credit to start.
-
1
Keep
The open-source alert management and AIOps platform
Single pane of glass, filtering, bi-directional integrations, alert correlation, workflows, enrichment, dashboards. Keep is an alerting framework for DevOps that integrates with various monitoring tools, helping teams manage alerts and notifications effectively. -
2
OpenCTI
Open Cyber Threat Intelligence Platform
OpenCTI is a comprehensive open-source cyber threat intelligence platform designed to help organizations collect, structure, analyze, and share information about cyber threats. It provides a modern web application backed by a GraphQL API and a data model aligned with the STIX2 standard to ensure interoperability across the threat intelligence ecosystem. The platform enables teams to correlate technical indicators such as observables and TTPs with higher-level context like attribution and... -
3
SimpleX
The first messaging platform operating without user identifiers
...To prevent it SimpleX apps pass one-time keys out-of-band when you share an address as a link or a QR code. Double-ratchet protocol. OTR messaging with perfect forward secrecy and break-in recovery. NaCL cryptobox in each queue to prevent traffic correlation between message queues if TLS is compromised. -
4
Simple Event Correlator (SEC) is a lightweight event correlator for network management, log file monitoring, security management, fraud detection, and other tasks which involve event correlation.
-
Ship AI Apps Faster with Vertex AIShip AI apps and features faster with Vertex AI—your end-to-end AI platform. Access Gemini 3 and 200+ foundation models, fine-tune for your needs, and deploy with enterprise-grade MLOps. Build chatbots, agents, or custom models. New customers get $300 in free credit.
-
5
X-Itools: Email/Web Log Search Engine
Strong Email & Apache Log Analysis with Active Security Features
...Now based on web 2.0 technologies (ExtJS 4.1) and devel restarted because of a particular interest given to it by a world wide Organization (United Nations). Module renamed "X-Itools ELSE", for "X-Itools E-mail Log Search Engine". Some features: Log analysis and correlation of Postfix and Exchange servers, statistics, policy manager, in-deep analysis, automated network graphs for e-mail tracing, CSV export... The Swiss knife of Messaging Admins. In 2015, X-Itools ELSE is no more limited to E-mail logs: Apache logs are also processed and related stats and dashboards will be there! -
6
DeepBlueCLI
PowerShell Module for Threat Hunting via Windows Event Logs
DeepBlueCLI is a PowerShell-centric threat-hunting toolkit built to extract, normalize, and flag suspicious activity from Windows event logs and Sysmon telemetry. It parses common sources—including Windows Security, System, Application, PowerShell logs, and Sysmon event ID 1—then applies a rich set of detection heuristics for things like suspicious account changes, password guessing and spraying, service tampering, PowerShell obfuscation and download-string usage, long or unusual command... -
7
Vision nmap's CPE to CVE conversor
Nmap's XML result parse and NVD's CPE correlation to search CVE.
Nmap's XML result parse and NVD's CPE correlation to search CVE. https://github.com/CoolerVoid/Vision2 -
8
Whonix
Whonix is an Anonymous Operating System.
THIS IS NOT WHONIX'S HOMEPAGE. Please go to: https://www.whonix.org/ (This is only Whonix's sourceforge must-have project page.) Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP. Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call... -
9
AlienVault OSSIM
Open Source SIEM
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities: * Log management * Advanced threat detection with a continuously updated library of pre-built correlation rules * Actionable threat intelligence updates from AlienVault Labs Security Research Team * Rich analytics dashboards and data visualization -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
10
RHIPS
Rhythm Host Intrusion Prevent System is a log file monitor IDS/IPS
...For alerting and response specify the number of instances before alerting or taking action. If specifying a command action another command can be run later on a timed basis. Port to IP address correlation allows for the connecting IP address to be identified and action taken against it. -
11
CorReactive
Event correlation engine with reactive facilities
Correlation engine based on Esper library which can be used together with Logstash. Please read FAQ http://sourceforge.net/p/correactive/wiki/FAQ/ -
12
Brutus
Brute force crack of the caeser cypher via frequency analysisi
Attempts every possible de-cypher, and uses frequency analysts and the Pearson correlation to determine which one is the closest to an English phrase. -
13
LogSeCA
SIEM based tool supporting audit and security assessment
...It provides the following main capabilities: » secure and reliable retention of audit records for reliability and accountability, even in case of the source of event/log fails or the logs on it are accidentally or intentionally cancelled; » correlation of audit records in order to identify violation of security policies in the different data centres of the cloud infrastructure, which it would be impossible to do if each data centre processed events separately; » alerting and notification to the interested parties (e.g. security manager of the storage infrastructure); » control on the status of the corrective actions; » reporting at different levels (for basic audit inspection, statistical) and for different purposes (for final users, for internal purposes, for auditing). ... -
14
...The latest version supports named fields in the STL files for tagging data parsed in the Prefix Tree and anonymous functions for parsing dynamic message payloads. We now output JSON objects and I'm working on HBase integration. By outputting to JSON it also leaves open the possibility for on the fly in memory correlation between events. Read the included README before starting, it has a quick start guide and info on the constructors.
-
15
GIPC
Geographical IP Correlation
TL;DR Version: I wrote a tool called GIPC (short for Geographical IP Correlation and pronounced Gypsy) which takes a list of IP address and returns the Geographical information you select based on the MaxMind.com GeoCity Database. The exe requires 2 inputs: The IP file (one IP per line) MaxMind GeoCity database – This can be downloaded HERE:http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz Please read more on my blog: http://jcsocal.blogspot.com/2013/03/geographical-ip-correlation-tool.html -
16
DAD is a Windows event log and syslog management tool that allows you to aggregate logs from hundreds to thousands of systems in real time. DAD requires no agents on the servers or workstations. Correlation and analysis is driven through a web front end.
-
17
Vsam (Vulnerabillity, Scanning, Analysis and Management) is a project dedicated to the release of a virtual appliance for the management and analysis of vulnerability scan data. The main goals are ease of use and stability of the application.
-
18
A framework for information security management. It has the centralized server for managing the IDS sensors, log consolidation and correlation, report generation etc. Also it has customized IDS sensor based on snort.
-
19
Nariz is a distributed alert correlation system, that performs alarm correlation in two phases, preprocessing locally and distributed postprocessing. By splitting the correlation system amongst several computers.
-
20
ThreatMan is an IDMEF compliant threat manager application which makes use of a multi-tier architecture. It aims in event and vulnerability correlation from alerts sent by IDSs, firewalls and other IDMEF compliant applications.
- Previous
- You're on page 1
- Next
