Open Source Security Automation and Monitoring Solution

The Alertflex project is a free, open-source continuous security monitoring solution designed for use in hybrid clouds (on-premises and cloud-based IT infrastructure). By monitoring security events and reports from well-known cybersecurity applications, Alertflex gives companies end-to-end security visibility. The project adapts and automates third-party software products into a unified solution based on the CTI SOAR technology stack and DevSecOps best practices.

Alertflex requires fewer system resources than similar products and mostly integrates free open-source third-party software. It can significantly reduce costs for your cybersecurity monitoring.

Alert triage

Alert filtering, prioritization and visualization

Free open-source IDS and vulnerability scanner tools

Detection of intrusions, vulnerabilities and misconfigurations

Integration of Host IDS, Network IDS and Cloud-Native runtime security

Integrated analysis of network, containers and hosts

Free open-source SOAR

Security operations automation and response

The Alertflex solution includes a management console and a Docker container of the MISP platform.

If you have a question or need tech support, please send an email to our contact address:


Free price

  • Security operations automation (time-based playbooks)

  • Machine-learning alerts analysis (external - AWS Comprehend)

  • Central node configuration is bare-metal server or virtual machine

  • One project, single tenant

  • Community support


Please contact us for further discussion

  • Security operations automation and active response

  • Machine-learning alerts analysis (internal expert system)

  • Central node configuration is scalable microservice architecture

  • Multiple projects, multi-tenancy

  • Tech support

integration with Wazuh EDR / HIDS

Wazuh EDR / HIDS

integration with ModSecurity WAF

ModSecurity WAF

integration with Suricata NIDS

Suricata NIDS

integration with Falco CRS

Falco CRS

Automation SSH tasks

Automation SFTP tasks

integration with Groovy


integration with Maxmind


integration with VirusTotal


integration with MISP

Malware Information Sharing Platform

integration with TheHive


integration with RITA

Real Intelligence Threat Analytics

integration with Snyk


integration with OWASP ZAP

OWASP ZAP scanner

integration with Nmap

Nmap scanner

integration with OpenSCAP

OpenSCAP reports

integration with SonarQube


integration with Nessus

Nessus reports

integration with Cuckoo

Cuckoo Sandbox

integration with

Falcon Sandbox

integration with STIX-shifter


integration with Prometheus


integration with Grafana


integration with Graylog


integration with ElasticStack


integration with Packetbeat

Filebeat (Syslog,NetFlow), Packetbeat

integration with Docker Bench

Docker Bench for Security

integration with Trivy


Amazon Comprehend

integration with Twilio

Twilio SMS
