CSIRT - Security Response Toolkit

Date: 2022-12-12Last modified: 2022-12-12

The MISP threat sharing platform is a free and open source software helping information sharing of threat intelligence including cyber security indicators.
IntelMQ is a solution for CERTs for collecting and processing security feeds, pastebins, tweets and log files using a message queuing protocol.
The Hive is a scalable, open source and free Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner.
NfSen allows you to keep all the convenient advantages of the command line using nfdump directly and gives you also a graphical overview over your netflow data.
Use Elastic to search, monitor, analyze and visualize machine data.
Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance.
Packetbeat is a lightweight network packet analyzer that sends data from your hosts and containers to Logstash or Elasticsearch.
Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.
N8N move and transform data between different apps and databases without getting caught up in API docs and troubleshooting CORS errors.