Open Source Security Automation and Monitoring Solution

Alertflex is a SecOps (IT Security Operations) solution that helps assemble processes and technology to deal with modern IT security risks and threats.

The solution works as a Security Event Manager and Orchestrator for a distributed grid of security sensors and scanners in hybrid IT infrastructure (on-premises and cloud-based). Alertflex can monitor different types of platforms (Windows, Linux, Docker, K8s, AWS) and provides a single user interface for more than 30 products. Integrated products are mostly free open-source software in the areas of IDS and DevSecOps, which Alertflex can unify into one or several projects.

Alert triage: filtering, prioritization, validation

Detection of threats, misconfigurations and vulnerabilities with free open-source IDS and vulnerability scanner tools

Integrated analysis for containers, endpoints and network: Host IDS, Network IDS, Cloud-Native runtime security

Security operations automation and response with free open-source SOAR

The screenshots show the web interface of the Alertflex Management console. Additionally, there is a screenshot of the web interface of the Malware Information Sharing Platform (MISP). MISP is tightly integrated with Alertflex via MySQL and can be installed from a Docker image as part of the solution.

If you have a question or need tech support, please send an email to our contact address info@alertflex.org and join the Alertflex community via the Discord server.

COMMUNITY EDITION

  • Alerts filtering, prioritization and visualization

  • Detection of threats, misconfigurations, vulnerabilities

  • Cyber security operations automation and response

  • Central node configuration is a bare-metal server or virtual machine

  • One project, single tenant

  • Community support

PROFESSIONAL EDITION

  • Alerts filtering, prioritization and visualization

  • Detection of threats, misconfigurations, vulnerabilities

  • Cyber security operations automation and response

  • Central node configuration is a scalable microservice architecture

  • Multiple projects, multi-tenancy

  • Tech support, custom integration, consulting

Wazuh HIDS

Suricata NIDS

Falco CRS

ModSecurity WAF

AWS WAF

AWS Network Firewall

Amazon GuardDuty

Amazon Inspector

Amazon CloudTrail

AWS NACL

SageMaker IP Insights

AWS Lambda

CloudSploit

Kube-bench

Kube-hunter

Trivy

Docker-bench

Dependency-check

Snyk

OWASP ZAP

Nmap

SonarQube

OpenDXL, STIX-Shifter

MITRE ATT&CK

VirusTotal

MISP

IBM X-Force

Cuckoo Sandbox

Falcon Sandbox

VMRay Sandbox

OpenSearch

GrayLog

Prometheus

JIRA

TheHive

Jenkins

Ansible

Automation SSH/SFTP

Groovy Scripts

Twilio SMS

SendGrid Email

Slack

GitHub