siem
Here are 1,004 public repositories matching this topic...
- Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads. (Updated Feb 20, 2026 - C)
- Main Sigma Rule Repository (Updated Feb 19, 2026 - Python)
- Free and open log management (Updated Feb 20, 2026 - Java)
- Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations. (Updated Dec 13, 2025 - Python)
- Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics. (Updated Jan 4, 2024 - Python)
- DEPRECATED - MozDef: Mozilla Enterprise Defense Platform (Updated Nov 2, 2021 - Python)
- 🐳 Elastic Stack (ELK) v9+ on Docker with Compose. Pre-configured out of the box to enable Logging, Metrics, APM, Alerting, ML, and SIEM features. Up with a Single Command. (Updated Jan 3, 2026 - Dockerfile)
- Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS (Updated Jan 8, 2025 - Rust)
- A collection of sources of documentation, as well as field best practices, to build/run a SOC (Updated Feb 20, 2026)
- Fast and easy to use database for logs, which can efficiently handle terabytes of logs (Updated Feb 20, 2026 - Go)
- Awesome Security lists for SOC/CERT/CTI (Updated Feb 20, 2026 - YARA)
- pfSense/OPNsense + Elastic Stack (Updated Nov 28, 2025 - Shell)
- tirreno is an open-source security framework. Event tracking, threat detection, and risk scoring for any application. (Updated Feb 13, 2026 - PHP)
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK (Updated Nov 28, 2024)
- Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks. (Updated Jun 27, 2025 - Go)
- A collective list of public APIs for use in security. Contributions welcome (Updated Jul 22, 2025)
- Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events. (Updated Nov 5, 2023 - PowerShell)
- Transform Linux Audit logs for SIEM usage (Updated Feb 20, 2026 - Rust)
- Tenzir is the data pipeline engine for security teams. (Updated Feb 20, 2026 - C++)