Alternatives and similar repositories for pySigma-backend-kusto

Users that are interested in pySigma-backend-kusto are comparing it to the libraries listed below

• SigmaHQ / pySigma-backend-elasticsearch

  View on GitHub
  pySigma Elasticsearch backend
  ☆64Updated this week
• jpalanco / klara-docker-compose

  View on GitHub
  Klara docker compose
  ☆11May 19, 2020Updated 5 years ago
• Mhackiori / AGIR

  View on GitHub
  Automating Cyber Threat Intelligence Reporting with Natural Language Generation
  ☆14Jan 24, 2024Updated 2 years ago
• AttackIQ / SigmAIQ

  View on GitHub
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆91Nov 3, 2025Updated 3 months ago
• steinitzu / humblebee

  View on GitHub
  TV show scraper/renamer thingy
  ☆12May 10, 2013Updated 12 years ago
• inhashed / thehive-sentinel-integration

  View on GitHub
  Integration tools for TheHive and Azure Sentinel
  ☆13Sep 23, 2020Updated 5 years ago
• jguimera / SecurityCopilotMCPServer

  View on GitHub
  MCP Server that integrates with Security Copilot, Sentinel and other tools (in the future). It enhance the process of developing , testin…
  ☆20Oct 8, 2025Updated 4 months ago
• magicsword-io / sigconverter.io

  View on GitHub
  An opensource sigma conversion tool built using pysigma
  ☆158Updated this week
• FalconForceTeam / KQLAnalyzer

  View on GitHub
  REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.
  ☆50Sep 22, 2025Updated 4 months ago
• SigmaHQ / pySigma

  View on GitHub
  Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)
  ☆527Feb 5, 2026Updated last week
• cudeso / misp2sentinel

  View on GitHub
  MISP to Sentinel integration
  ☆79Feb 6, 2026Updated last week
• certeu / droid

  View on GitHub
  A pySigma wrapper to manage detection rules.
  ☆45Jan 27, 2026Updated 2 weeks ago
• austinsonger / Elastic-Security

  View on GitHub
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Jun 15, 2021Updated 4 years ago
• SigmaHQ / Detection-Rule-License

  View on GitHub
  Detection Rule License (DRL)
  ☆21Dec 27, 2024Updated last year
• cyentific-rni / stix2.1-coa-playbook-extension

  View on GitHub
  A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…
  ☆23Dec 11, 2023Updated 2 years ago
• michaelb / simple-user-simulation

  View on GitHub
  powershell script to simulate activity by a user
  ☆22Jul 29, 2020Updated 5 years ago
• SigmaHQ / pySigma-backend-crowdstrike

  View on GitHub
  SigmaHQ pySigma CrowdStrike processing pipeline
  ☆27Nov 30, 2025Updated 2 months ago
• oloruntolaallbert / MS-Attack-Range

  View on GitHub
  An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…
  ☆61Jul 27, 2025Updated 6 months ago
• SigmaHQ / cookiecutter-pySigma-backend

  View on GitHub
  pySigma Cookiecutter backend template
  ☆24Sep 17, 2025Updated 4 months ago
• SigmaHQ / sigma-cli

  View on GitHub
  The Sigma command line interface based on pySigma
  ☆176Feb 5, 2026Updated last week
• microsoftarchive / fta-aas

  View on GitHub
  FTA as a Service
  ☆25Apr 3, 2025Updated 10 months ago
• MSCloudInternals / XDRInternals

  View on GitHub
  A PowerShell module for the Defender XDR portal
  ☆63Feb 3, 2026Updated last week
• KQLMSPress / definitive-guide-kql

  View on GitHub
  Sample queries and data as part of the Microsoft Press book, The Definitive Guide to KQL
  ☆282Aug 28, 2024Updated last year
• f-bader / SentinelARConverter

  View on GitHub
  Sentinel Analytics Rule converter PowerShell module
  ☆65Dec 17, 2025Updated last month
• Truvis / Sentinel

  View on GitHub
  ☆30May 1, 2025Updated 9 months ago
• CTI-Driven / Microsoft-ASR-to-MITRE-ATTACK-Mapping-Project

  View on GitHub
  This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…
  ☆29Nov 20, 2024Updated last year
• zolderio / misp-to-sentinel

  View on GitHub
  Azure function to insert MISP data in to Azure Sentinel
  ☆34Oct 19, 2022Updated 3 years ago
• MISP / PyMISPWarningLists

  View on GitHub
  Pythonic way to work with the warning lists defined there: https://github.com/MISP/misp-warninglists
  ☆35Jan 8, 2026Updated last month
• Azure-Samples / mcp

  View on GitHub
  Links to samples, tools, and resources for building and integrating Model Context Protocol (MCP) servers on Azure using multiple language…
  ☆41Apr 6, 2025Updated 10 months ago
• rod-trent / Sentinel-SOC-101

  View on GitHub
  Content and collateral for the Microsoft Sentinel SOC 101 series
  ☆204Feb 12, 2024Updated 2 years ago
• briandconnelly / mcp-server-ipinfo

  View on GitHub
  IP Geolocation Server for MCP
  ☆40Jan 25, 2026Updated 2 weeks ago
• ml58158 / Demystifying-KQL

  View on GitHub
  Content Repo for Demystifying KQL Tutorial Series
  ☆72Sep 1, 2024Updated last year
• Neo23x0 / yarGen-Go

  View on GitHub
  A YARA rule generator
  ☆61Updated this week
• ail-project / ail-training

  View on GitHub
  AIL project training materials
  ☆39Jul 17, 2025Updated 6 months ago
• 0xAnalyst / DefenderATPQueries

  View on GitHub
  Hunting Queries for Defender ATP
  ☆83Dec 14, 2025Updated last month
• digital-promise / badge-engine

  View on GitHub
  This repository is for code and documentation for Badge Engine, a Digital Promise technology
  ☆17Dec 22, 2025Updated last month
• saniho / apiMareeInfo

  View on GitHub
  un sensor pour récupérer les informations des prochaines marées
  ☆12Jan 27, 2026Updated 2 weeks ago
• github / KustoSchemaToolsAction

  View on GitHub
  This repository wraps the KustoSchemaTools into a CLI tool inside a container. This way it can be used as GitHub Action
  ☆11Oct 21, 2025Updated 3 months ago
• wagov / wasocshared

  View on GitHub
  WA Cyber Security Unit (DGOV Technical) site
  ☆44Feb 5, 2026Updated last week