Popularity

3.0

Stable

Activity

0.0

Stable

Stars 139

Watchers 7

Forks 23

Last Commit about 1 month ago

Description

SOCless is a serverless framework built to help security teams easily automate their incident response and operations workflows.

Programming language: Python

License: Apache License 2.0

Tags: Security Automation Security Auditing

SOCless alternatives and similar tools

Based on the "Security" category.
Alternatively, view SOCless alternatives based on common mentions on social networks and blogs.

OSQuery

9.2 9.1 L2 SOCless VS OSQuery

SQL powered operating system instrumentation, monitoring, and analytics.
lynis

8.7 9.0 SOCless VS lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

CodeRabbit: AI Code Reviews for Developers

Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

Promo coderabbit.ai

Fail2Ban

8.5 8.9 L2 SOCless VS Fail2Ban

Daemon to ban hosts that cause multiple authentication errors
Wazuh

8.5 10.0 SOCless VS Wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
CrowdSec

8.0 9.6 SOCless VS CrowdSec

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
pfSense

7.6 9.7 L2 SOCless VS pfSense

Main repository for pfSense
Suricata

7.6 9.9 SOCless VS Suricata

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
OSSEC

7.4 4.6 L2 SOCless VS OSSEC

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Blackbox

7.4 2.8 SOCless VS Blackbox

Safely store secrets in Git/Mercurial/Subversion
Snort

6.5 9.4 L1 SOCless VS Snort

Snort++
Password Pusher

6.1 9.9 SOCless VS Password Pusher

🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.
Kippo

5.7 2.7 L4 SOCless VS Kippo

Kippo - SSH Honeypot
autoVPN

5.7 0.0 SOCless VS autoVPN

Create On Demand Disposable OpenVPN Endpoints on AWS.
fwknop

5.3 6.0 L3 SOCless VS fwknop

Single Packet Authorization > Port Knocking
Glastopf

4.7 1.1 L5 SOCless VS Glastopf

Web Application Honeypot
Denyhosts

4.7 4.1 L3 SOCless VS Denyhosts

Automated host blocking from SSH brute force attacks
Pen Test Tools

4.4 0.0 L5 SOCless VS Pen Test Tools

DISCONTINUED. Homebrew Tap - Pen Test Tools
SpamAssassin

3.7 8.8 L3 SOCless VS SpamAssassin

Read-only mirror of Apache SpamAssassin. Submit patches to https://bz.apache.org/SpamAssassin/. Do not send pull requests

* Code Quality Rankings and insights are calculated and provided by Lumnify.
They vary from L1 to L5 with "L5" being the highest.

Do you think we are missing an alternative of SOCless or a related project?

Add another 'Security' Tool

Popular Comparisons

README

SOCless - serverless security orchestration, automation and response

SOCless is a serverless framework built to help security teams easily automate their incident response and operations workflows.

Overview

SOCless uses the AWS Step Functions and AWS Lambda services to execute user-defined workflows. The workflows, called Playbooks, are defined as JSON objects and triggered by real-time alerts from data sources or AWS CloudWatch schedules.

Features

Responds to real-time or scheduled events
Orchestrates existing security tools into workflows using AWS Lambda functions written in Python 3
Interact with humans as part of automated workflows and adapt to their responses
Static IP address that can be whitelisted to internal resources
Rapid automation development life-cycle courtesy of reusable, modular and shareable plugins
Infrastructure and response workflows deploy as code using The Serverless Framework
Serverless design has low cost, low operational overhead, and scales effortlessly

Ready? Check out the docs!

Join our community Slack workspace

Development Guide

Building and Redeploying the Docs

SOCless documentation is contained in the docs folder and is powered by MkDocs and MkDocs Material. The built docs are hosted on Github pages

To setup your environment for building the docs

python3 -m venv venv
. venv/bin/activate
pip install -r docs-requirements.txt

To serve the docs locally (after setup)

mkdocs serve

To deploy the docs to Github pages

mkdocs gh-deploy

SOCless

The SOCless automation framework