7 projects
Wazuh
Wazuh is an open source security platform that provides unified XDR and SIEM protection for endpoints and cloud workloads. It performs threat detection, integrity monitoring, incident response, and regulatory compliance through integrated capabilities for log analysis, file integrity monitoring, vulnerability detection, and security configuration assessment.
4,192
368
$65M
Falco
Falco, the open source cloud-native runtime security project, is the de facto Kubernetes threat detection engine. Falco detects unexpected application behavior and alerts on threats at runtime.
2,891
778
$61M
Sigma
Sigma is a generic signature format for SIEM systems, enabling the creation of vendor-agnostic detection rules that can be converted into queries for different security tools and log management systems. It provides a structured way to write and share detection rules for security threats across diverse platforms.
1,739
116
$6.3M
Atomic Red Team
Small and highly portable detection tests based on MITRE's ATT&CK.
1,139
62
$76M
Splunk Security Content
A collection of security detections, analytics, tools, and content for Splunk Enterprise Security and Splunk SIEM deployments. It provides pre-built security use cases, correlation searches, reports, and dashboards to help organizations detect and respond to security threats.
948
17
$17M
Tenzir
Tenzir is a high-performance data processing engine that enables real-time analysis and transformation of large-scale network and security data. It provides a unified platform for collecting, enriching, and analyzing diverse data sources with a focus on network security and observability.
133
35
$7.8M
Cortex Analyzers
Cortex Analyzers Repository