AttackIQ / pySigma-backend-kusto
☆36Updated 4 months ago
Alternatives and similar repositories for pySigma-backend-kusto:
Users that are interested in pySigma-backend-kusto are comparing it to the libraries listed below
- A pySigma wrapper to manage detection rules.☆37Updated this week
- A preconfigured Velociraptor triage collector☆51Updated last week
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆37Updated 3 weeks ago
- MISP to Sentinel integration☆64Updated last week
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated 10 months ago
- TIM is a Kusto investigation platform that enables a user to quickly pivot between data sources; annotate their findings; and promotes co…☆21Updated 8 months ago
- A collection of various SIEM rules relating to malware family groups.☆66Updated 10 months ago
- A repository to share publicly available Velociraptor detection content☆154Updated this week
- Generates a detailed CSV file containing Sigma Rules statistics for each service or category, and each level, offering a holistic view of…☆10Updated last year
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆111Updated 4 months ago
- A tool that allows you to document and assess any security automation in your SOC☆46Updated 5 months ago
- SigmaHQ pySigma CrowdStrike processing pipeline☆24Updated 6 months ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆110Updated last week
- ☆72Updated 5 months ago
- ☆87Updated 2 months ago
- An opensource sigma conversion tool built using pysigma☆123Updated 3 months ago
- ☆6Updated 5 months ago
- Project based on RegRipper, to extract add'l value/pivot points from TLN events file☆84Updated 2 months ago
- ☆34Updated 5 months ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆51Updated 5 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆118Updated last year
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆78Updated last week
- This repository contains helper scripts and custom configs to get the best out of Google's Timesketch project.☆108Updated last year
- Azure function to insert MISP data in to Azure Sentinel☆32Updated 2 years ago
- An open source platform to support analysts to organise their case and tasks☆70Updated last week
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆87Updated 5 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆52Updated 2 years ago
- Remote access and Antivirus Logging Database☆42Updated 11 months ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆63Updated 2 weeks ago
- Notes on responding to security breaches relating to Azure AD☆110Updated 3 years ago