Open Source Security Automation and Monitoring Solution

The Alertflex project is an automation, continuous monitoring, threat detection and response solution. Alertflex is designed for use in hybrid IT infrastructure (on-premises and cloud-based) and can monitor different types of platforms: Windows, Linux, Docker, Kubernetes and Amazon AWS.

The solution works as a Security Event Manager with SOAR functionality for a distributed grid of security sensors and scanners. At present Alertflex provides an orchestrator and a single user interface for more than 20 products. The integrated products are mostly free open-source software in the areas of IDS and DevSecOps, which Alertflex can unify into one or several projects.

  • Alert triage: filtering, prioritization, validation

  • Integrated analysis for containers, endpoints, network (Host IDS, Network IDS, cloud-native runtime security)

  • Reports about threats, misconfigurations, vulnerabilities (free open-source IDS and vulnerability scanner tools)

  • Security operations automation and response (free open-source SOAR)

The screenshots show the web interface of the Alertflex Management console. Additionally, there is a screenshot of the web interface of the Malware Information Sharing Platform (MISP). MISP is tightly integrated with Alertflex via MySQL and can be installed from a Docker image as part of the solution.

If you have a question or need tech support, please send an email to our contact address info@alertflex.org and join the Alertflex community via the Discord server.

COMMUNITY EDITION

  • Alerts filtering, prioritization and visualization

  • Reports about threats, misconfigurations, vulnerabilities

  • Security operations automation and response

  • Central node configuration is bare-metal server or virtual machine

  • One project, single tenant

  • Community support

PROFESSIONAL EDITION

  • Alerts filtering, prioritization and visualization

  • Reports about threats, misconfigurations, vulnerabilities

  • Security operations automation and response

  • Central node configuration is scalable microservice architecture

  • Multiple projects, multi-tenancy

  • Tech support, custom integration, consulting

INTEGRATIONS

  • Wazuh EDR / HIDS

  • Suricata NIDS

  • Falco CRS

  • ModSecurity WAF

  • AWS WAF

  • AWS Network Firewall

  • Amazon GuardDuty

  • Amazon Inspector

  • AWS Lambda

  • Kube-bench

  • Kube-hunter

  • Trivy

  • OWASP ZAP

  • Dependency-Check

  • SonarQube

  • VirusTotal

  • MISP

  • IBM X-Force Exchange

  • Cuckoo Sandbox

  • Falcon Sandbox

  • VMRay Sandbox

  • Open Distro

  • Graylog

  • TheHive

  • OpenDXL, STIX-Shifter

  • MITRE ATT&CK

  • JIRA

  • Ansible

  • Automation via SSH/SFTP

  • Groovy Scripts

  • Twilio SMS

  • SendGrid Email

  • Slack

GitHub