Venator is a flexible threat detection platform optimized for Kubernetes deployment but can also run standalone or with other job schedulers like Nomad. It simplifies rule management and deployment with K8s CronJob and Helm, prioritizing simplicity, extensibility, and ease of maintenance. Venator supports multiple query engines and publishers, allowing easy switching between data lakes or services to avoid vendor lock-in. It addresses common challenges in threat detection solutions by running each detection rule as an independent job, ensuring failure of one rule doesn’t impact others. Venator integrates with Large Language Models for enhanced signal analysis and offers automated deployment using Helm charts.
https://github.com/nianticlabs/venator