Wazuh; looks perdy, breaks when updated (sudo yum update)
SecurityOnion; install script is hateful.
AlienVault; Web interface is not intuative/user friendly. Update from WebGui
Jose creates some nice reports to document your AD
PurpleKnight creates some nice security reports for AD. when installing there is some odd way to Unblock files. Like Ping Castle
dir -Path ‘C:\share\security\PK Community 3.0\’ -Recurse | Unblock-File
Ping Castle AD auditing tool. An excellent and easy way to start securing AD. Easy to read reports. Use this to track security improvement over time.