DejaVu alternatives

Looking for an alternative tool to replace DejaVu? During the review of DejaVu we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Suricata (network IDS, IPS and monitoring)
  2. Sweet Security (security monitoring on Raspberry Pi and similar)
  3. Zeek (network security monitoring tool)

These tools are ranked as the best alternatives to DejaVu.

Alternatives (by score)

100

Suricata

Introduction

Suricata is a somewhat younger NIDS, though has a rapid development cycle. It can work with Snort rulesets, yet also has optimized rulesets for usage with Suricata itself. For example, this set is known as Emerging Threats and fully optimized.

Project details

Suricata is written in C, Lua.

Strengths and weaknesses

  • + More than 50 contributors
  • + The source code of this software is available

    Typical usage

    • Information gathering
    • Intrusion detection
    • Network analysis
    • Threat discovery

    Suricata review

    64

    Sweet Security

    Introduction

    This tool helps with automating the installation of several components like Bro IDS, Elasticsearch, Logstash, Kibana (ELK stack), and Critical Stack. Saving time on installation and configuration is its primary purpose.

    Project details

    Sweet Security is written in Python.

    Strengths and weaknesses

    • + The source code of this software is available

      Typical usage

      • Network security monitoring
      • Security monitoring

      Sweet Security review

      100

      Zeek (Bro)

      Introduction

      Zeek helps to perform security monitoring by looking into the network's activity. It can find suspicious data streams. Based on the data, it alert, react, and integrate with other tools.

      Project details

      Zeek is written in C++.

      Strengths and weaknesses

      • + More than 50 contributors
      • + More than 2000 GitHub stars
      • + The source code of this software is available
      • + Well-known tool

        Typical usage

        • Security monitoring

        Zeek review

        78

        Acra

        Introduction

        Acra is a database encryption proxy that provides encryption and data leakage prevention to applications. It provides selective encryption, access control, database and data leak prevention, and even intrusion detection capabilities. It is focused on developers and supports most popular programming languages such as Go, PHP, Python, Ruby.

        Project details

        Acra is written in Golang, Node.js, Objective-C, PHP, Python, Ruby.

        Strengths and weaknesses

        • + Commercial support available
        • + The source code of this software is available

          Typical usage

          • Data encryption
          • Data leak prevention
          • Data security
          • Vulnerability mitigation

          Acra review

          100

          GRR Rapid Response

          Introduction

          The goal of the GRR tooling is to support digital forensics and investigations. By using a fast and scalable model, analysts can quickly perform their analysis. One of the main features is the ability to search for particular information or details. This process is called hunting.

          Project details

          GRR Rapid Response is written in Python.

          Strengths and weaknesses

          • + More than 25 contributors
          • + More than 3000 GitHub stars
          • + The source code of this software is available
          • + Supported by a large company

            Typical usage

            • Digital forensics
            • Intrusion detection
            • Threat hunting

            GRR Rapid Response review

            64

            MalPipe

            Introduction

            MalPipe is a modular malware and indicator collection and processing framework. It is designed to pull information about malware, domains, URLs, and IP addresses from multiple feeds. Finally, it will enrich the collected data and export the results.

            Project details

            MalPipe is written in Python.

            Strengths and weaknesses

            • + The source code of this software is available
            • - No releases on GitHub available

            Typical usage

            • Data enrichment
            • Data processing
            • Intrusion detection
            • Malware analysis
            • Malware detection

            MalPipe review

            85

            Maltrail

            Introduction

            Maltrail monitors for traffic on the network that might indicate system compromise or other bad behavior. It is great for intrusion detection and monitoring.

            Project details

            Maltrail is written in Python.

            Strengths and weaknesses

            • + More than 10 contributors
            • + More than 3000 GitHub stars
            • + The source code of this software is available

              Typical usage

              • Intrusion detection
              • Network analysis
              • Security monitoring

              Maltrail review

              60

              Scirius

              Introduction

              Scirius is a web application to do Suricata ruleset management. There is both a community version as paid version available.

              Project details

              Scirius is written in Python.

              Strengths and weaknesses

              • + The source code of this software is available

                Typical usage

                • Network security monitoring

                Scirius review

                67

                Snort

                Introduction

                Besides intrusion detection, Snort has the capabilities to prevent attacks. By taking a particular action based on traffic patterns, it can become an intrusion prevention system (IPS).

                Project details

                Snort is written in C.

                Strengths and weaknesses

                • + Supported by a large company
                • + Well-known tool

                  Typical usage

                  • Security monitoring

                  Snort review

                  64

                  CHIRON ELK

                  Introduction

                  CHIRON is a tool to provide network analytics based on the ELK stack. It is combined with Machine Learning threat detection using the Aktaion framework. Typical usage of the tool is home use and get the visibility of home internet devices. By leveraging the Aktaion framework, it helps with detection threats like ransomware, phishing, or other malicious traffic.

                  Project details

                  CHIRON ELK is written in Python.

                  Strengths and weaknesses

                  • + The source code of this software is available
                  • - No releases on GitHub available

                  Typical usage

                  • Network analysis
                  • Network security monitoring
                  • Network traffic analysis
                  • Threat discovery

                  CHIRON ELK review

                  93

                  IVRE

                  Introduction

                  IVRE is a framework to perform reconnaissance for network traffic. It leverages other tools to pull in the data and show it in the web interface.

                  Project details

                  IVRE is written in Python.

                  Strengths and weaknesses

                  • + More than 10 contributors
                  • + More than 1000 GitHub stars
                  • + The source code of this software is available

                    Typical usage

                    • Digital forensics
                    • Information gathering
                    • Intrusion detection
                    • Network analysis

                    IVRE review

                    89

                    Moloch

                    Introduction

                    Moloch comes with a web interface that allows for easy browsing of pcap data (packet capture). It can also search in the data or export it. Besides pcap, the JSON format is supported, so data can be easily consumed in other tools (like Wireshark).

                    Project details

                    Moloch is written in C, Node.js.

                    Strengths and weaknesses

                    • + More than 25 contributors
                    • + More than 3000 GitHub stars
                    • + Many releases available
                    • + The source code of this software is available
                    • + Supported by a large company

                      Typical usage

                      • Network security monitoring
                      • Security monitoring

                      Moloch review

                      60

                      Security Monkey

                      Introduction

                      Security Monkey provides a single user interface to browse and search through all of your services and accounts.

                      Project details

                      Security Monkey is written in Python.

                      Strengths and weaknesses

                      • + More than 50 contributors
                      • + More than 1000 GitHub stars
                      • + The source code of this software is available
                      • + Supported by a large company

                        Typical usage

                        • Security monitoring

                        Security Monkey review

                        70

                        pastemon

                        Introduction

                        Tool like pastemon can detect specific texts on the Pastebin website, like corporate information or sensitive information. It can be used as an early warning system or detect compromises in your environment.

                        Project details

                        pastemon is written in Perl.

                        Strengths and weaknesses

                        • + The source code of this software is available
                        • - Unknown project license

                        Typical usage

                        • Security monitoring

                        pastemon review

                        Some relevant tool missing as an alternative to DejaVu? Please contact us with your suggestion.