AppOmni-Labs / event-maturity-matrix
The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit logging.
☆17Updated 2 months ago
Related projects ⓘ
Alternatives and complementary repositories for event-maturity-matrix
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆24Updated last year
- ☆31Updated this week
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆22Updated 2 months ago
- Attack Tool Timing and Reporting - Structured Attack Logging Format☆21Updated 2 years ago
- Send High & New Incidents to The Hive incident management Platform☆17Updated 3 years ago
- pocket guide for core detection engineering concepts☆27Updated last year
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆15Updated 2 weeks ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆26Updated 3 weeks ago
- This repository contains sample log data that were collected after running adversary simulations in Microsoft 365☆20Updated last month
- Azure function to insert MISP data in to Azure Sentinel☆30Updated 2 years ago
- ☆18Updated 2 years ago
- Repository that contains a set of purposefully erroneous Yara rules.☆48Updated 9 months ago
- A preconfigured Windows-based system designed for rapid forensic investigations in both Azure and AWS.☆36Updated 7 months ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆16Updated 5 months ago
- General Content☆20Updated 4 months ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆31Updated 6 months ago
- ☆22Updated 2 years ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆24Updated 4 months ago
- Workflows for Shuffle☆20Updated 2 years ago
- ☆36Updated 6 months ago
- ☆43Updated 3 weeks ago
- Slides of my public talks☆46Updated 10 months ago
- Incident Response Report Using GitHub-Sphinx☆19Updated 5 years ago
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆16Updated 3 years ago
- ☆17Updated 2 years ago
- ☆37Updated 2 months ago
- A PoC to Simulate Ransomware Attack on AWS Environment☆26Updated 3 weeks ago
- Stupid Simple Detection Testing☆11Updated 8 months ago
- CSIRT Jump Bag☆27Updated 6 months ago