Prelude is a Security Information and Event Management system that enables all available security applications, whether open source or proprietary, to report to a centralized system. To achieve this, Prelude relies on the IDMEF (Intrusion Detection Message Exchange Format) IETF standard (RFC 4765), which enables different kinds of sensors to generate events using a unified language.
Prelude benefits from its ability to find traces of malicious activity from different sensors (Snort, Suricata, OSSEC, honeyd, Samhain, over 30 types of system logs, and many others) in order to better verify an attack and, in the end, to perform automatic correlation between the various events.
Prelude is committed to providing a SIEM that offers the ability to unify currently available tools.
AlienVault Open Source SIM aims to be the all-in-one security solution for enterprise needs, featuring:
- Low-level real-time detection of known threats and unknown abnormal activity
- Network, host and policy audit
- Network behavior analysis and profiling
- Log management
- Intelligence to improve the accuracy of threat detection
- Risk-oriented security analysis
- Compliance automation
- Executive and technical reports
- A scalable high-performance architecture
pyHIDS is a host-based intrusion detection system. It uses an RSA signature to check the integrity of its database. Alerts are written in the logs of the system, and can be sent via email to a list of users or on IRC channels (through the irker IRC client). You can define rules to specify files to be checked periodically.