AppOmni-Labs / event-maturity-matrix

Related projects ⓘ

Alternatives and complementary repositories for event-maturity-matrix

• invictus-ir / Sigma-AWS
  This repository contains the research and components of our research into using Sigma for AWS Incident Response.
  ☆24Updated last year
• wiz-sec-public / wiz-research-iocs
  ☆31Updated this week
• Permiso-io-tools / azure-activity-log-axe
  Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…
  ☆22Updated 2 months ago
• SecurityRiskAdvisors / ATTiRe
  Attack Tool Timing and Reporting - Structured Attack Logging Format
  ☆21Updated 2 years ago
• chihebchebbi / Azure-Sentinel-Hive-Playbook
  Send High & New Incidents to The Hive incident management Platform
  ☆17Updated 3 years ago
• jshlbrd / detection-engineering-pocket-guide
  pocket guide for core detection engineering concepts
  ☆27Updated last year
• bittib010 / AjourVolAutolity
  A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
  ☆15Updated 2 weeks ago
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆26Updated 3 weeks ago
• blueteam0ps / det-eng-samples
  This repository contains sample log data that were collected after running adversary simulations in Microsoft 365
  ☆20Updated last month
• zolderio / misp-to-sentinel
  Azure function to insert MISP data in to Azure Sentinel
  ☆30Updated 2 years ago
• DarwinSec / DEFCON-KQL-KUNG-FU-22
  ☆18Updated 2 years ago
• bartblaze / FARA
  Repository that contains a set of purposefully erroneous Yara rules.
  ☆48Updated 9 months ago
• op7ic / Cloud-Investigate
  A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.
  ☆36Updated 7 months ago
• BreakingMhet / honeyzure
  HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…
  ☆16Updated 5 months ago
• QueenSquishy / Zombie
  General Content
  ☆20Updated 4 months ago
• FalconForceTeam / KQLAnalyzer
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆31Updated 6 months ago
• improsec / 2Cloudz
  ☆22Updated 2 years ago
• redcanaryco / ansible-atomic-red-team
  This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam
  ☆24Updated 4 months ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆20Updated 2 years ago
• piercing-index / cloud-vulnerabilities
  ☆36Updated 6 months ago
• DefensiveOrigins / DO-LAB
  ☆43Updated 3 weeks ago
• Neo23x0 / Talks
  Slides of my public talks
  ☆46Updated 10 months ago
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆19Updated 5 years ago
• ReconInfoSec / adversary-emulation-map
  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  ☆16Updated 3 years ago
• PwnDefend / cyber_leadership_slide_examples
  ☆17Updated 2 years ago
• runreveal / sigmalite
  ☆37Updated 2 months ago
• HarshVaragiya / aws-redteam-kit
  A PoC to Simulate Ransomware Attack on AWS Environment
  ☆26Updated 3 weeks ago
• the2dl / SSDT
  Stupid Simple Detection Testing
  ☆11Updated 8 months ago
• cudeso / CSIRT-Jump-Bag
  CSIRT Jump Bag
  ☆27Updated 6 months ago