Chitin Security

Chitin Security is a project that aims to build a truly open source and free SIEM/EDR/SOAR combination in Rust that is secure and correct. You only pay for swag and detections on Patreon.

Features

Endpoint agents for Windows 10+, macOS 10.15, and Linux (Ubuntu, CentOS)

Dashboards

Visualize correlations of events to create detailed views of attack vectors from Endpoint, Network, Cloud, etc.

Threat Metrics

Analytics

Reports

Action Center

Incident Management

Hunt

Investigate, Custom Detections, Active Defense (locked to select personnel, Honey)

Customer Management

Get a look inside any environment you are protecting, whether it be your own or others'. Software/hardware inventory management.

Inventory

Flows

Orchestrate, Automate, and Respond with if/then playbooks: create tickets, create cases, isolate, ban, deactivate account, prompt a terminal, file quarantine, report IPs, report to cloud host providers.

Manage Flows

Third Party Application for Flows

Apps

CyberChef, Sigma, osquery, GRR, TheHive

Security Management

Security Testing

Scanning, Penetration Tests. Not only will all scanning devices now be appropriately labeled so that they do not cause false positives (FP), but this will also include reports for them once I know their job better.

Vulnerability Management

Prioritize critical patches, then Red Team, then Penetration Test fixes, then scan fixes, then all others.

Adversary Emulation

Atomic Red Team and Caldera management

News

Threat Actor Summaries

RSS Feed

Twitter Feed

Internal Intel

Collaboration channel with others using Chitin Security

Account Management

Settings

Feedback

Common questions your customers ask of you that this platform does not easily answer, issues and bugs, etc.