Description
SOCless is a serverless framework built to help security teams easily automate their incident response and operations workflows.
SOCless alternatives and similar tools
Based on the "Security" category.
- OSQuery: SQL powered operating system instrumentation, monitoring, and analytics.
- lynis: Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
- Fail2Ban: Daemon to ban hosts that cause multiple authentication errors
- Wazuh: Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
- CrowdSec: CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
- OSSEC: OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
- Suricata: Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
- Password Pusher: An application to securely communicate passwords over the web. Passwords automatically expire after a certain number of views and/or time has passed. Track who, what and when.
- SpamAssassin: Read-only mirror of Apache SpamAssassin. Submit patches to https://bz.apache.org/SpamAssassin/. Do not send pull requests
README
SOCless - serverless security orchestration, automation and response
SOCless is a serverless framework built to help security teams easily automate their incident response and operations workflows.
Overview
SOCless uses the AWS Step Functions and AWS Lambda services to execute user-defined workflows. The workflows, called Playbooks, are defined as JSON objects and triggered by real-time alerts from data sources or AWS CloudWatch schedules.
Features
- Responds to real-time or scheduled events
- Orchestrates existing security tools into workflows using AWS Lambda functions written in Python 3
- Interacts with humans as part of automated workflows and adapts to their responses
- Static IP address that can be whitelisted to internal resources
- Rapid automation development life-cycle courtesy of reusable, modular and shareable plugins
- Infrastructure and response workflows deploy as code using The Serverless Framework
- Serverless design has low cost, low operational overhead, and scales effortlessly
Ready? Check out the docs!
Join our community Slack workspace
Development Guide
Building and Redeploying the Docs
SOCless documentation is contained in the docs folder and is powered by MkDocs and MkDocs Material. The built docs are hosted on GitHub Pages.
To set up your environment for building the docs:
python3 -m venv venv
. venv/bin/activate
pip install -r docs-requirements.txt
To serve the docs locally (after setup):
mkdocs serve
To deploy the docs to GitHub Pages:
mkdocs gh-deploy