The Alertflex project is a continuous security monitoring solution designed for hybrid clouds (on-premises and cloud-based IT infrastructure). By monitoring events in near real time from well-known open-source security applications, Alertflex gives companies end-to-end security visibility. Additionally, Alertflex implements a SOAR technology stack that allows introducing CTI, OWASP and DevSecOps best practices.

  • Alert filtering, prioritization and visualization
  • Detection of intrusions, vulnerabilities and asset misconfigurations
  • Integrated analysis of networks, containers and hosts
  • Incident response
  • Service orchestration
  • Task automation

Solution components:

Alertflex implements a modern security event management architecture built on five layers: Collection, Streaming, Analysis, Storage and Access. To work in the distributed environment of hybrid clouds, the solution is split into separate software components: Collector, Controller, Web Management Console and Worker.

The Collector (Altprobe) is located in the network domain where the security sensors are installed (Container Runtime Security, Host IDS, File Integrity Monitor, Network IDS, Web Application Firewall). Together with the security sensors, the Collector logically forms a collector node. The Alertflex Controller, Web Console and Workers make up the central node. The central node can be located either inside or outside the monitored IT infrastructure.

Messages between the collector node and the central node are exchanged through the ActiveMQ message broker. Connections between nodes are secured with the SSL/TLS support built into ActiveMQ; as with any broker-based transport, this protection depends on the broker and its clients being configured to verify each other's certificates, not merely on TLS being enabled on the connection.

The solution scales easily from a stand-alone appliance configuration to a distributed configuration for multi-clouds.

Have a question, need tech support or a new feature? Send an email to: info@alertflex.org

Below are several screenshots of the Alertflex web console.

Below, a short video clip demonstrates the functionality of Alertflex:

To download the free and open-source components of the project, visit our page on GitHub.

COMMUNITY EDITION

Free

  • Security Event Manager and SOAR functionality
  • Web-based analytics and automated email report generation
  • Multiple collector nodes - cloud-based and on-premises
  • Central node - single server, bare-metal or virtual machine
  • One project, single tenant
  • Community support

PROFESSIONAL EDITION

Check out the proposals

  • Security Event Manager and SOAR functionality
  • Web-based analytics and automated email report generation
  • Multiple collector nodes - cloud-based and on-premises
  • Central node - microservices architecture, high availability
  • Multiple projects, multi-tenancy
  • Tech support, regular software updates

Integrations:

  • Wazuh EDR/HIDS
  • ModSecurity WAF
  • Suricata NIDS
  • Falco CRS (Container Runtime Security)
  • Automation of SSH tasks
  • Automation of SFTP tasks
  • Malware Information Sharing Platform (MISP)
  • VirusTotal
  • Real Intelligence Threat Analytics (RITA)
  • OWASP ZAP scanner
  • Nmap scanner
  • OpenSCAP reports
  • TheHive project
  • Graylog
  • Elastic Stack
  • JIRA
  • Slack webhooks
  • Twilio SMS
  • Cuckoo Sandbox
  • Falcon Sandbox
  • Jenkins
  • SonarQube
  • GitLab