Hi All,
I am working on a project where we are trying to use ELK as a SIEM, but I need some threat intel sources which I can use as IOCs and feeds to correlate SOC device logs to detect malicious activities. I believe this will help me to use ELK as a SIEM in the true sense.
Any solution which I can host locally, or any open source solution which gets regular updates.