Open source cyber-security solution for continuous monitoring and orchestration

Alertflex works as a Security Event Manager and DevSecOps Orchestrator for a distributed grid of security sensors and scanners in a hybrid IT infrastructure that includes both on-premises and cloud-based systems. The solution supports the full DevSecOps cycle. It can perform vulnerability and misconfiguration scanning tasks (DAST, SAST, SCA), and it also excels at continuous monitoring by aggregating and forwarding cybersecurity events from sensors (HIDS, NIDS, WAF) to log and incident management systems.

Alert triage - filtering, prioritization, correlation

Free open-source IDS and vulnerability scanner tools

Detection of threats, misconfigurations, and vulnerabilities

Integration of host IDS, network IDS, and cloud-native runtime security

Integrated analysis of cloud, network, and hosts

Free open-source SOAR

DevSecOps orchestration

Alertflex can monitor different platforms such as Windows, Linux, Docker, K8s, and AWS, and offers a unified interface for over 20 cybersecurity tools. These integrated tools are primarily free open-source software, which Alertflex consolidates into one or multiple projects.

If you have a question or need tech support, custom integration, or consulting, please send an email to the contact address info@alertflex.org and join the Alertflex community via the Discord server.

Main benefits of using Alertflex

  • seamless connectivity between central node and remote nodes, without requiring the opening of ports on the remote nodes

  • the central node serves as a single point for running and collecting scans across the entire hybrid cloud infrastructure

  • each remote node can have its own unique set of policies to filter alerts from sensors and reduce the impact of false positives

  • various methods available for correlating alerts related to vulnerability and misconfiguration findings

  • direct connection to the CTI MISP database to enable fast processing and caching of IoCs for a large number of security events

integration with Falco CRS

Falco CRS

integration with Wazuh EDR / HIDS

Wazuh HIDS

integration with Suricata NIDS

Suricata NIDS

integration with ModSecurity

ModSecurity WAF

integration with OWASP ZAP

OWASP ZAP

integration with Nuclei

Nuclei

integration with Nmap

Nmap

integration with Nikto

Nikto

integration with Semgrep

Semgrep

integration with Trivy

Trivy

integration with Kube-hunter

Kube-hunter

integration with CloudSploit

CloudSploit

integration with SonarQube

SonarQube

integration with Dependency-Track

Dependency-Track

integration with OpenCTI

OpenCTI

integration with ElasticSearch

ElasticSearch

integration with GrayLog

GrayLog

integration with OpenSearch

Anomaly Detection

integration with Prometheus

Prometheus

integration with TheHive

TheHive

integration with GitLab

GitLab Incidents

integration with Grafana

Grafana

integration with CycloneDX

SBOM

integration with MISP

MISP

integration with Jenkins

Jenkins

integration with JUnit

JUnit

integration with PyTest

PyTest

integration with STIX-shifter

Tools interoperability

integration with Kubernetes

Kubernetes

integration with Docker

Docker

integration with AWS Cloud

AWS Cloud

integration with AWS WAF

AWS WAF

integration with AWS Network Firewall

AWS Network Firewall

GitHub