
A robust and flexible open source User & Entity Behavior Analytics (UEBA) framework, developed with luv by data scientists from the cyber security industry. [Alpha]

Primary language: HTML. License: GNU General Public License v3.0 (GPL-3.0).

OpenUBA

Get the updated code on XS code

https://cp.xscode.com/Tormorrow-SOC/OpenUB

Goals

To build a lightweight, SIEM-agnostic UEBA framework focused on providing:

  • Model Management
  • Community-driven Model Library
  • Model Versioning
  • Dashboard
  • Rule Storage/Management
  • Case Management
  • Peer-oriented/community intel
  • Lightweight, SIEM-agnostic infrastructure
  • Flexible/open dataset support

Components

  • Model Client (optional)
  • Model Server (Remote or Local)
  • Transport Client
  • User Interface

User Interface

The interface is meant for observing system events and anomalies, not for replacing a SIEM.

Views

  • Dashboard (index)
  • Anomalies
  • Cases
  • Data
  • Modeling

Installation

Go to INSTALL.md

Discord

Discord channel: https://discord.gg/7t4qJk

Telegram

Telegram: https://t.me/tomorrowsoc