2 min read

Unqork Makes Two Powerful Security Tools Available as Open-source

placeholder

With security deep in its DNA, Unqork shares real-time alerting security & incident response tools

Unqork’s very first clients were in industries that demand the highest standards for security, banking, and financial services. They trusted us, because they knew enterprise security was at the core of Unqork’s platform—and our organization. In fact, Unqork hired a security officer before we even hired our first engineer. 

Of course, keeping our clients’ data and systems secure is paramount. But Unqork’s commitment to security also extends beyond the walls of our organization. We adhere to a “rising tide lifts all boats” vision of security. After all, security is not a zero-sum game. The more we can help each other, the better off we all are.

That was our guiding principle when we decided to open-source two cybersecurity-related libraries that we have created, including:

1) Real-time alerting 

Our pySigma backend library for dictquery is designed to help democratize real-time alerting capabilities using Sigma rules. 

We chose Sigma because it is a generic and open signature format that allows you to describe, and therefore detect, suspicious log events in a very straightforward manner. The rule format is very flexible, easy to write, and applicable to any type of log file. 

By providing a structured form to describe detection methods, our tool makes it easier to share those methods and make them actionable by other security professionals. 

>> Check out Unqork’s pySigma backend library for dictquery here.  

2) Streamlined security and incident response 

We believe data visualization should be standard practice for all security analysts, whether or not they can afford expensive tools. Our MISP helper library is designed to speed and simplify effective security and incident response and reporting by collecting, visualizing, analyzing, and sharing well-structured security data. 

MISP is an open-source software solution designed by and for incident analysts, security and ICT professionals, and malware reversers. MISP simplifies the task of collecting, storing, distributing, and sharing indicators of cybersecurity threats, which supports day-to-day security operations by simplifying the process of sharing structured information efficiently. 

>> Check out Unqork’s MISP helper library here

Why Unqork Is Sharing These Tools

Put simply, any of us could be harmed by bad actors. However, the creation of sophisticated security requires a deep and wide understanding of both security development and the goals, habits, and tools of adversaries. And not all organizations have the resources required to do so. 

So, we decided to share these tools in order to make it as hard as possible for bad actors to take pernicious action—and as easy as possible for good actors to stop them with well-structured threat detection and counter-measures. 

Learn more about Unqork and our approach to platform security & compliance

Take a self-guided tour of Unqork’s Codeless-as-a-Service (CaaS) platform

Take the tour!