kravietz 🦇 on Nostr: #infosec question - what would you use today to replace an old #StreamAlert instance ...
#infosec question - what would you use today to replace an old #StreamAlert instance on #AWS - the streamalert.io has been discontinued for 4 years now and is a very complex beast to deploy and maintain. What’s needed in terms of business functionality is essentially parsing specific alerts from CloudTrail and sending alerts to PagerDuty, Slack etc.
Published at 2024-10-25 09:44:33
Event JSON
{
  "id": "6f9d4ada69b582285620b66153df35ac94e67017f7b296394035dc85898237a6",
  "pubkey": "60a94a39eef05a48fcb0b214f57ecd9c81ffd70bd7beaa274732ae7ae7dcf0ea",
  "created_at": 1729849473,
  "kind": 1,
  "tags": [
    ["t", "aws"],
    ["t", "streamalert"],
    ["t", "infosec"],
    ["proxy", "https://agora.echelon.pl/objects/e4d24160-941a-4a0c-9d68-4f84247cf85a", "activitypub"]
  ],
  "content": "#infosec question - what would you use today to replace an old #StreamAlert instance on #AWS - the streamalert.io has been discontinued for 4 years now and is a very complex beast to deploy and maintain. What’s needed in terms of business functionality is essentially parsing specific alerts from CloudTrail and sending alerts to PagerDuty, Slack etc.",
  "sig": "81b8f365ff5307c3e36308cbeb0623f8ca89eb59c3a0c7acd1daecec504ca05245682905e94871ea101759ff7e0aa86f7bfbaa150e21e96a49163a86dca2bf9e"
}