
Zircolite
Zircolite: A Standalone Tool for SIGMA Rules
Zircolite is a standalone tool developed in Python 3. It enables users to apply SIGMA rules across various log formats, including MS Windows EVTX, Auditd, Sysmon for Linux, EVTXtract, CSV, and XML.
It is fast, using the SQLite Sigma backend, and can export results in several formats, including JSON, CSV, Splunk, Elastic, Zinc, and Timesketch. Zircolite can be used directly from Python or through the provided binaries.