Open source SIEM?
Looks like a good alternative to the Alienvault open source SIEM, unless I've misunderstood what it's for...
The Apache Software Foundation (ASF) has announced Metron, a cybersecurity applications framework for centralised monitoring and analysis of network traffic, as its newest top-level project. Metron was born out of Cisco's OpenSoc project in 2014. OpenSoc aimed to provide a scalable security analytics tool based on the Hadoop …
In many ways it's doing the same job as a SIEM, but with more analytics, and a longer-term perspective. It's also got some UEBA-type features in it with things like profiling. I've seen people use it to build an AlienVault replacement, as well as doing the job of larger SIEMs.
"The core ideals of openness, community, and transparency are prerequisites for solving cybersecurity challenges. Metron was a great fit in Apache because the ASF shares those core ideals. It really does take a village to solve the really hard problems,"
Apache demonstrated their new project, Apache BuzzWord. Artificial Inanity neural nets can now mimic a real-life Pointy-Haired Twat so convincingly that you might almost think an incredibly stupid marketroid had written it.