0xdefendA / defenda-data-lakeLinks
defendA Data Lake. A firehose pipeline to athena providing enrichment and normalization for security events
☆16Updated 2 years ago
Alternatives and similar repositories for defenda-data-lake
Users that are interested in defenda-data-lake are comparing it to the libraries listed below
Sorting:
- ☆18Updated 3 years ago
- Updated incident response generator for training classes☆44Updated 3 years ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆29Updated last year
- pocket guide for core detection engineering concepts☆28Updated 2 years ago
- Varna: Quick & Cheap AWS CloudTrail Monitoring with Event Query Language (EQL)☆52Updated 2 years ago
- A set of tools and procedures for automating NSM and NIDS deployments in AWS☆16Updated 4 years ago
- Serverless honeytoken 🕵🏻♂️☆79Updated 2 years ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Updated 6 years ago
- Interactive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack☆27Updated 5 years ago
- Build Automated Machine Images for MISP☆28Updated last year
- A python script to acquire multiple aws ec2 instances in a forensically sound-ish way☆38Updated 3 years ago
- A few quick recipes for those that do not have much time during the day☆22Updated 7 months ago
- Knowledge Report Alert & Normalization Generator☆27Updated last year
- Web based analysis platform for use with the AWS_IR command line tool.☆17Updated 8 years ago
- Recon Hunt Queries☆77Updated 4 years ago
- ☆12Updated 6 months ago
- This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2☆14Updated 4 years ago
- CyCAT.org API back-end server including crawlers☆29Updated 2 years ago
- Use SQL to instantly query file, domain, URL and IP scanning results from VirusTotal.☆23Updated this week
- Sharing Threat Hunting runbooks☆25Updated 5 years ago
- A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.☆21Updated 3 years ago
- ☆33Updated 7 years ago
- Specifications used in the MISP project including MISP core format☆51Updated 4 months ago
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 3 years ago
- A Spicy protocol analyzer for WireGuard☆29Updated 4 years ago
- Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets☆31Updated last year
- Manage GuardDuty At Enterprise Scale☆22Updated 4 years ago
- Best practices in threat intelligence☆47Updated 2 years ago
- A Lambda-powered Security Orchestration framework for AWS GuardDuty☆52Updated 5 years ago
- Automation of VPC Traffic Mirror Sessions in AWS☆35Updated 7 months ago