Join our FREE personalized newsletter for news, trends, and insights that matter to everyone in America

Newsletter
New

Introducing Vedetta; Practical Visibility For Your Network. Know Every Device, Detect Threats, Own Your Data.

Card image cap

I was frustrated with the lack of open source SIEM / network security projects that actually cater to home and small business users, so for the past 6 months I’ve been building Vedetta. It’s practical visibility for your network. The goals: know every device, detect threats, own your data. Valuable out of the box, 5 minute or less install.

Features:

- Watches DNS for bad behavior: DGA, beaconing, tunneling, and C2/known-bad lookups against abuse.ch feeds (URLhaus, Feodo, SSLBL)
- Discovers and inventories everything on your LAN (active scan + passive ARP/DHCP/mDNS/SSDP) and classifies vendor/type
- Flags end-of-life and known-vulnerable routers/cameras (FBI IC3 list) and scores them higher when they start acting up
- Optional Pi-hole / AdGuard / UniFi ingestion if you already run them
- Self-hosted: Docker for the Core plus a small native sensor (Mac/Linux/Windows). Runs on a Pi 4, no cloud needed.

Status:
Public beta. The core works and I run it on my own network daily, but it’s early: setup assumes Docker and some networking comfort, and it’s not a one-click appliance yet (but it will be soon enough). Free and open source. There’s opt-out community threat sharing that strips IPs/MACs/hostnames before anything leaves the box, or you can turn it off and stay fully local.

Feedback:
I’d like to hear what detections, integrations, or gear you’d want covered, and where the setup trips you up.

Links:
Site: https://vedettas.com
Code: https://github.com/MahdiHedhli/vedetta

submitted by /u/ItsBlockOps
[link] [comments]