The Alertflex project is a continuous security monitoring solution designed for use in hybrid clouds (on-premises and cloud-based IT infrastructure). By monitoring, in near real time, events and information derived from well-known open source security applications, Alertflex helps to detect cyber intrusions and vulnerabilities, giving companies end-to-end security visibility. Alertflex allows organisations to introduce DevSecOps, OWASP and SOAR best practices.
Alertflex implements a modern security event management technology based on five levels: Collection, Streaming, Analysis, Storage and Access. For working in the distributed environment of hybrid clouds, the solution consists of separate software components: Collector, Controller, Web Management Console and Worker. The Collector (Altprobe) is located in the network domain where the security sensors are installed (Container Runtime Security, Host IDS, File Integrity Monitor, Network IDS, Web Application Firewall). Together with the security sensors, the Collector logically forms a cloud or on-premises node. The Alertflex Controller, Web Console and Workers make up the central node. The central node may be located geographically within the IT infrastructure it monitors, in a remote office, or on the public/private cloud side. To exchange messages between the cloud/on-premises node and the central node, the ActiveMQ or Amazon MQ message broker is used. The connections between nodes are secured using the SSL/TLS support built into ActiveMQ. Thanks to its microservices-based architecture, the solution can be scaled easily from a stand-alone appliance configuration to a distributed configuration for multiple clouds.
If you have a question or need technical support or a new feature, send an email to: firstname.lastname@example.org
To download the free and open-source components of the project, visit our page on GitHub.
Check out the proposals