Alertflex is a security monitoring project designed for use in hybrid clouds (traditional and cloud-based IT infrastructure). By monitoring security events from open source host IDS, network IDS and web application firewall sensors in real time, Alertflex helps detect network intrusions and malware across the whole network, from the perimeter to the endpoints.

Alertflex may work as a stand-alone system or as part of a unified security solution. Alertflex provides alert management, orchestration and automation for well-known open source security applications and implements the following SecOps functionality:

Alert filtering and prioritization

Detection of intrusions and vulnerabilities

Integrated analysis of network and endpoint events

Incident response

Service orchestration

Task automation

COMPONENTS

Alertflex implements a security event management pipeline with five layers: collection, streaming, analysis, storage and access. To operate in the distributed environment of hybrid clouds, the solution is split into separate software components: Collector, Controller and Web Management Console. The Collector (Altprobe) is located in the network domain where the security sensors are installed (host IDS, file integrity monitor, network IDS, web application firewall). Together with the security sensors, the Collector logically forms a cloud or on-premises node. The Alertflex Controller and Web Console make up the central node, which may be located in the cloud it controls, in a remote office, or on the provider's side (cloud or MSSP). Messages between the cloud node and the central node are exchanged through the ActiveMQ message broker, and the connections between nodes are protected with the SSL/TLS support built into ActiveMQ. Thanks to its microservice-based architecture, the solution scales from a stand-alone appliance to a distributed multi-cloud deployment.
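Relying on the broker's built-in TLS protects the collector-to-controller link only if the broker is actually configured to refuse plaintext connections, to verify who is connecting, and to limit what each node may publish or consume. The fragment below is an added example of such an ActiveMQ Classic (5.x) activemq.xml configuration; it is not Alertflex's own broker configuration, which this page does not show. The broker name, ports, keystore paths, passwords, user names and the alertflex.> destination prefix are placeholders, and since the page does not say which wire protocol Altprobe uses, the OpenWire ssl:// connector is also an assumption.

```xml
<!-- Added example: hardened ActiveMQ Classic broker settings for the
     collector <-> controller link. Not Alertflex project configuration;
     ports, keystore paths, passwords, users and queue names are placeholders. -->
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
       http://activemq.apache.org/schema/core http://activemq.apache.org/schema/core/activemq-core.xsd">

  <broker xmlns="http://activemq.apache.org/schema/core"
          brokerName="alertflex-broker" dataDirectory="${activemq.data}">

    <!-- Keystore holds the broker's own certificate; truststore holds the CA
         that issued the collector and controller client certificates. -->
    <sslContext>
      <sslContext keyStore="file:${activemq.conf}/broker.ks"
                  keyStorePassword="CHANGE_ME"
                  trustStore="file:${activemq.conf}/broker.ts"
                  trustStorePassword="CHANGE_ME"/>
    </sslContext>

    <transportConnectors>
      <!-- WEAK (left commented out on purpose): the default plaintext OpenWire
           listener. Alerts and sensor data sent here cross the network in the
           clear, and any host that can reach the port can publish or consume. -->
      <!-- <transportConnector name="openwire" uri="tcp://0.0.0.0:61616"/> -->

      <!-- HARDENED: TLS only, TLS 1.2/1.3 only, and mutual authentication so
           only nodes holding a certificate issued by our CA can connect. -->
      <transportConnector name="ssl"
          uri="ssl://0.0.0.0:61617?transport.needClientAuth=true&amp;transport.enabledProtocols=TLSv1.2,TLSv1.3"/>
    </transportConnectors>

    <!-- Even with mTLS, require a broker login and scope what each node may do:
         the collector only publishes alerts, the controller only consumes them. -->
    <plugins>
      <simpleAuthenticationPlugin>
        <users>
          <authenticationUser username="collector"  password="CHANGE_ME" groups="producers"/>
          <authenticationUser username="controller" password="CHANGE_ME" groups="consumers"/>
        </users>
      </simpleAuthenticationPlugin>
      <authorizationPlugin>
        <map>
          <authorizationMap>
            <authorizationEntries>
              <!-- admin is needed by whichever side first creates the queue -->
              <authorizationEntry queue="alertflex.>"
                                  write="producers" read="consumers"
                                  admin="producers,consumers"/>
              <!-- advisory topics are used internally by ActiveMQ clients -->
              <authorizationEntry topic="ActiveMQ.Advisory.>"
                                  read="producers,consumers" write="producers,consumers"
                                  admin="producers,consumers"/>
            </authorizationEntries>
          </authorizationMap>
        </map>
      </authorizationPlugin>
    </plugins>
  </broker>
</beans>
```

After applying a configuration like this, confirm from the collector's network that port 61616 is closed and that a client without a CA-issued certificate is rejected on 61617 during the TLS handshake; if either check passes, the "secured by TLS" claim does not yet hold for that deployment.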

DEMO

Below are several screenshots of the Alertflex web console.

The short video clip below demonstrates the functionality of the Security Event Manager:

DOWNLOAD

To download the open source collector (Altprobe), visit our page on GitHub.

The Alertflex controller and web console are under testing and will be available later.

If you have a question or need technical support, please send an email to info@alertflex.org

INTEGRATIONS

Wazuh EDR/HIDS
Modsecurity WAF
Suricata NIDS
MISP TI
TheHive project
Cuckoo Sandbox
OWASP ZAP
Nmap scanner
Graylog
VirusTotal
FIR
Hybrid Analysis
Metricbeat
Slack IM
Twilio SMS