Vendors

Open-source collection of Elasticsearch, Logstash, Kibana, and Beats for search, logging, and analytics with real-time data visualization.

Open-source SIEM and XDR with threat detection, vulnerability scanning, and compliance monitoring for endpoints. Compare Wazuh for MSP security stacks.

Horizontally scalable, highly available, multi-tenant log aggregation system inspired by Prometheus, designed for cost-effective log storage and querying.

Centralized log management and SIEM platform for real-time analysis of machine data with advanced search and API security. Compare Graylog for MSPs.

Open-source threat intelligence platform for sharing, storing and correlating cyber security indicators and threat intelligence.

Generic and open signature format for describing threat detection methods in log events, enabling SIEM-agnostic rule sharing.

Free and open Linux distribution for threat hunting, enterprise security monitoring, and log management

Open-source network intrusion detection and prevention system with real-time traffic analysis and packet logging. Compare Snort for MSP network security.

Open-source security data pipeline for collecting, normalizing, and routing telemetry across detection and response tools. Compare Tenzir for MSPs.

Open-source AI automation platform for security and IT teams - alternative to Tines and Splunk SOAR.

Open-source security incident response platform with case management, observables, and Cortex analyzer integration. Compare TheHive for MSP SOCs.

Open-source PowerShell-based test automation framework for Microsoft 365 security configuration monitoring and compliance.