@dcid maybe, but i have lots of questions. is it based on ossec, or maybe a new improved version of it? what's the tech stack, e.g. elasticsearch? is it intended to be a full blown siem?
@apgarcia Not based on OSSEC, but with similar log-analysis rules (and context-based logging rules).
I took all my experience with OSSEC and re-wrote it in a clear way.
We don't use Elasticsearch either, but our own database for storage.
*not a full blown siem, at least not yet. still in beta.
Agents to send the logs over are open source, but not the backend (runs in the cloud). May make that open source as well, still thinking.