This project is a SIEM with SIRP and Threat Intel, all in one.
Change tcpreplay for replay.
Update ELK to 7.17.10
Add the choice of Elasticsearch cluster size (1 node or 3 nodes)
Bug fixes
Update docker-compose to docker compose
Add Velociraptor
Add MIT licence
Update ELK to 7.17.9
Remove Stoq
Remove ClamAV
Update Cortex to 3.1.7-4
Add MWDB analyzer plugin for Cortex
Add Capa analyzer plugin for Cortex
Add docker file4thehive
Change YARA rules to the Malpedia YARA rules
Add automation with SOAR
Add Zircolite to S1EM
Update file-upload to version 1.1
Bug fixes
Merge PR from mcdave2k1
Update the MISP configuration
Update ELK to 7.17.6
Fix multiple bugs
Update ELK to 7.17.3
Fix the MISP configuration
Changes to Auditbeat