Alternatives and similar repositories for detection-and-response-pipeline

Users that are interested in detection-and-response-pipeline are comparing it to the libraries listed below

• jatrost / awesome-detection-rules
  This is a collection of threat detection rules / rules engines that I have come across.
  ☆290Updated last year
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆74Updated last year
• k-bailey / detection-engineering-maturity-matrix
  ☆95Updated 2 years ago
• dwillowtree / diana
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆186Updated 9 months ago
• center-for-threat-informed-defense / cti-blueprints
  CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…
  ☆258Updated 3 months ago
• unknownhad / CloudIntel
  This repo contains IOC, malware and malware analysis associated with Public cloud
  ☆248Updated 7 months ago
• anvilogic-forge / armory
  Anvilogic Forge
  ☆104Updated 3 weeks ago
• aws-samples / jupyter-notebook-for-incident-response
  A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide…
  ☆147Updated last year
• elastic / SWAT
  Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…
  ☆165Updated 8 months ago
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆112Updated 7 months ago
• BushidoUK / Breach-Report-Collection
  A collection of companies that disclose adversary TTPs after they have been breached
  ☆244Updated last year
• center-for-threat-informed-defense / security-stack-mappings
  🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…
  ☆385Updated last year
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆97Updated last year
• center-for-threat-informed-defense / insider-threat-ttp-kb
  The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…
  ☆144Updated last month
• iknowjason / AutomatedEmulation
  An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.
  ☆193Updated last year
• elastic / dorothy
  Dorothy is a tool to test security monitoring and detection for Okta environments
  ☆183Updated 10 months ago
• guardsight / gsvsoc_cirt-playbook-battle-cards
  Cyber Incident Response Team Playbook Battle Cards
  ☆381Updated last year
• center-for-threat-informed-defense / attack-flow
  Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…
  ☆660Updated last month
• invictus-ir / Invictus-AWS
  A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …
  ☆192Updated 9 months ago
• ControlCompass / ControlCompass.github.io
  Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
  ☆135Updated last year
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆164Updated 4 months ago
• TalEliyahu / awesome-CISO-maturity-models
  Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide gui…
  ☆238Updated last month
• adanalvarez / TrailDiscover
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆162Updated 3 weeks ago
• THORCollective / HEARTH
  A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …
  ☆258Updated this week
• facebookincubator / ForgeArmory
  ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
  ☆113Updated 9 months ago
• vectra-ai-research / Halberd
  Halberd : Multi-Cloud Agentic Attack Tool
  ☆282Updated this week
• ksthk / one
  One Conference 2024
  ☆111Updated 9 months ago
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆205Updated this week
• nasbench / SIGMA-Resources
  Resources To Learn And Understand SIGMA Rules
  ☆177Updated 2 years ago
• siriussecurity / dettectinator
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆114Updated 2 months ago