0xdefendA / defenda-data-lakeLinks
defendA Data Lake. A firehose pipeline to athena providing enrichment and normalization for security events
☆16Updated 2 years ago
Alternatives and similar repositories for defenda-data-lake
Users that are interested in defenda-data-lake are comparing it to the libraries listed below
Sorting:
- Serverless honeytoken 🕵🏻♂️☆80Updated 2 years ago
- ☆18Updated 3 years ago
- Recon Hunt Queries☆77Updated 4 years ago
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆29Updated 2 years ago
- pocket guide for core detection engineering concepts☆29Updated 2 years ago
- Sharing Threat Hunting runbooks☆26Updated 6 years ago
- ☆65Updated last year
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 3 years ago
- This script is used to generate some basic detections of the aws security services☆71Updated 3 years ago
- ☆45Updated 4 months ago
- A collection of notebooks built for defensive and offensive operations.☆77Updated 4 years ago
- Interactive Threat Intelligence Bot that leverages serverless framework, AWS/GCP, and Slack☆27Updated 5 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- A python script to acquire multiple aws ec2 instances in a forensically sound-ish way☆38Updated 3 years ago
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆83Updated last year
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆138Updated 4 years ago
- AWS EKS Cluster Forensics☆23Updated 3 years ago
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- Updated incident response generator for training classes☆44Updated 4 years ago
- Legal, procedural and policies document templates for operating MISP and information sharing communities☆38Updated 2 years ago
- ☆34Updated 4 years ago
- A packer utility to create and capture DFIR Image for use AWS & Azure☆15Updated 5 years ago
- Cisco Orbital - Osquery queries by Talos☆134Updated 11 months ago
- Core incident handling plugins for aws_ir cli, incident pony, and more.☆21Updated 7 years ago
- OpenIOC rules to facilitate hunting for indicators of compromise☆37Updated 3 years ago
- Knowledge Report Alert & Normalization Generator☆27Updated last year
- Threat hunting repo for my independent study on threat hunting with OSQuery☆27Updated 7 years ago
- A community event for security researchers to share their favorite notebooks☆108Updated last year
- ☆33Updated 7 years ago
- OSSEM Common Data Model☆56Updated 2 years ago