This repository has been archived by the owner on Dec 13, 2021. It is now read-only.

SIEMEz v0.5

Pre-release
@jwhitt3r jwhitt3r released this 24 Jan 19:05
· 5 commits to master since this release

SIEMEz v0.5 is a proof-of-concept Security Incident and Event Management (SIEM) system that is built on open-source components.

This release illustrates the capability built so far for monitoring, collecting, analysing, and visualising security data. In addition, the application hopefully provides a base for future developers to analyse the project and aid their own development.

The release provides the base for SIEMEz, as follows:

  • Collects data from RSyslog
  • Provides analysts with a search function over events
  • Generates basic incident cases to manage an incident workflow
  • Provides an API to manage the overarching application

To my knowledge, the SIEMEz application follows (where possible) common security practices. In addition, the build of the application utilises some DevSecOps tooling, currently:

  • Prospector
  • Nikto
  • Unit Testing

It is worth noting that this is a pre-release and a proof-of-concept intended to demonstrate SIEMEz's capability. Please review and follow security best practice for such environments.