SIEM & Threat Detection OSS tools — 6 tracked with release & CVE alerts

Maltrail Mixed open source

Malicious traffic detection system

Canary Tokens Mixed open source

Generates lightweight, embedded honeypot triggers called canary tokens for detecting unauthorized access.

Hayabusa Mixed open source

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

ntopng Mixed open source

Web-based Traffic and Security Network Traffic Monitoring

Netcap Mixed open source

A framework for secure and scalable network traffic analysis - https://netcap.io

Intel Owl Mixed open source

IntelOwl: manage your Threat Intelligence at scale

Tools