Velociraptor from Rapid7

Velociraptor is an open source security monitoring software tool developed by Velocidex and acquired by Rapid7 in April, 2021. Velociraptor works natively on Windows, macOS and Linux. An endpoint monitoring and forensics analysis tool, users can collect endpoint events such as event logs, file modifications and process execution. Automatic responses can be triggered based event alerts (e.g. endpoint lockdown), and users can conduct forensics using the tools included library of forensic artifacts.