CSIRT - Security Response Toolkit
Date: 2022-12-12
Last modified: 2022-12-12
- The MISP threat sharing platform is free and open source software that helps share threat intelligence, including cyber security indicators.
- IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins, tweets and log files using a message queuing protocol.
- The Hive is a scalable, open source and free Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner.
- NfSen allows you to keep all the convenient advantages of using nfdump directly on the command line and also gives you a graphical overview of your netflow data.
- Use Elastic to search, monitor, analyze and visualize machine data.
- Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.
- Packetbeat is a lightweight network packet analyzer that sends data from your hosts and containers to Logstash or Elasticsearch.
- Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.
- N8N moves and transforms data between different apps and databases without getting caught up in API docs and troubleshooting CORS errors.