Free · No signup · Built for SOC practitioners

The free cybersecurity toolkit built for SOC teams.

49+ free tools across SIEM detection engineering, SOAR automation, AI threat defence, compliance checking and live threat intel. Built by practitioners, for practitioners. No paywalls, no trials, no sales calls.


49+
Free tools, most need no signup
50+
SIEM detection use cases
10
SOAR playbook templates
₹0
Cost — always free
What’s here

Three tool libraries, one free platform.

Whether you are triaging alerts, building detection rules, designing playbooks, or demonstrating compliance — there is a tool here for it.

Free Tools

30+ instant-use tools across checklists, calculators, live intel, analysers, and security simulations. Everything from phishing demo to Windows Event ID lookup.

Windows Event ID Lookup → MITRE ATT&CK Lookup → CERT-In Deadline Calculator → IOC Extractor → AI Phishing Analyser →
All free tools →

SIEM Tools

Detection engineering tools: 50+ use cases, query translation between SPL/KQL/AQL/EQL, coverage matrix, log volume estimator, compliance checker, and Sigma rule viewer.

Use Case Library (50+) → SPL ↔ KQL Translator → Coverage Matrix → CERT-In / RBI Compliance → Sigma Rule Viewer →
All SIEM tools →

SOAR Tools

Playbook and automation tools: visual playbook builder, maturity assessment, alert fatigue calculator, 10 incident response templates, and ROI calculator for management.

Visual Playbook Builder → Maturity Assessment → Alert Fatigue Calculator → 10 IR Playbook Templates → ROI Calculator →
All SOAR tools →
Featured tools

The ones practitioners reach for first.

Reference

Windows Event ID Lookup

Type an Event ID or keyword. Get what it means, when it fires, what to look for, and a SOC triage recommendation. ~120 IDs that actually matter on shift.

Open lookup →
SIEM

SIEM Use Case Library

50+ detection use cases with pseudo-code logic, MITRE ATT&CK mapping, required log sources, false positive sources, and tuning recommendations.

Browse use cases →
SOAR

Visual Playbook Builder

Drag-and-drop SOAR playbook flowchart builder. Trigger, Decision, Action, and End nodes. Export as PNG for documentation or JSON for version control.

Open builder →
Compliance

CERT-In Deadline Calculator

Enter your incident detection time. Get exact CERT-In reporting deadlines under the Directions 2022 — a 6-hour countdown in plain language.

Calculate deadline →
AI Defence

AI Phishing Email Analyser

Score a suspicious email against the signals that matter when the attacker is using an LLM. Perfect grammar is no longer reassuring.

Analyse email →
SIEM

SIEM Query Translator

Translate detection logic between Splunk SPL, Microsoft Sentinel KQL, IBM QRadar AQL, and Elastic EQL. Five pre-built examples for common scenarios.

Translate query →
Built for India

Frameworks you actually have to comply with.

Most free security tools are built for a US or European regulatory context. Cyber Guard Forte is built with Indian practitioners in mind — every compliance tool maps explicitly to the frameworks you are actually accountable to.

CERT-In Directions 2022 — 6-hour incident reporting, 180-day log retention
RBI CSCRF — SOC, EDR, privileged access monitoring for regulated entities
DPDP Act 2023 — personal data protection, breach notification, consent obligations
ISO 27001:2022 — logging, monitoring and access control requirements mapped
Check your compliance coverage
Live intel

Real data, refreshed automatically.

These are not static lists. They pull live data and update on a schedule.

Live

CISA KEV Feed

Known exploited vulnerabilities from CISA, refreshed hourly. Searchable by vendor, product, and date. The list your patch team needs to see every Monday morning.

View live feed →
Live

Phishing Domain Watcher

Newly-registered domains that match phishing patterns, detected via CertStream in near real-time. Useful for brand protection and domain squatting monitoring.

Watch domains →
Live

Global Threat Activity Map

Live map of IP reputation events and threat activity pulled from AbuseIPDB. See where attacks are originating and what types of threats are most active right now.

View map →
Assessment

SOC-CMM Maturity Assessment

A 15-question diagnostic across five domains — Business Alignment, People, Process, Technology, and Services — scored instantly with a visual gauge and per-domain recommendations. Know where your SOC stands before an incident tells you.

Take the free assessment
Blog

Practitioner Notes & Field Guides

Plain-language writeups translating regulatory directions into what they actually mean for your team. CERT-In circulars, RBI cybersecurity guidance, DPDP Act implications, and SOC operations topics — no vendor spin, no fluff.

Topics covered

CERT-In Directions 2022 RBI CSCRF DPDP Act SOC Operations Threat Hunting Incident Response SIEM Tuning SOAR Automation AI Threats
Read the blog

49 tools. Zero cost. No account required for most.

Everything here is free because the best security tools should be accessible to every SOC team — not just the ones with enterprise budgets.

Browse free tools SIEM tools SOAR tools SOC-CMM assessment

We use cookies for basic site function and, where ads are enabled, for advertising personalisation. See our Privacy Policy.