EL JEFE is a GPLv3 solution that focuses on process relationships. It can help you answer questions such as:
Of course, all of the questions EL JEFE will answer for you are important for protecting your network from advanced threats.

We like to split the features into three major groups - Detect, Analyze, and React.
Detection in EL JEFE
Analysis in EL JEFE
Reaction and Incident Response in EL JEFE