CptOfEvilMinions / ChooseYourSIEMAdventureLinks
☆18Updated 3 years ago
Alternatives and similar repositories for ChooseYourSIEMAdventure
Users that are interested in ChooseYourSIEMAdventure are comparing it to the libraries listed below
Sorting:
- Corelight@Home script☆44Updated last year
- misp-cloud - Cloud-ready images of MISP☆73Updated 3 years ago
- ☆34Updated 4 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Updated 5 years ago
- Learn about a network from a pcap file or reading from an interface☆29Updated last year
- Recon Hunt Queries☆78Updated 4 years ago
- ☆36Updated 4 years ago
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- A collection of tips for using MISP.☆74Updated 9 months ago
- OpenIOC rules to facilitate hunting for indicators of compromise☆37Updated 3 years ago
- A community event for security researchers to share their favorite notebooks☆108Updated last year
- A script to create and assign SOP tasks into the cases☆20Updated 5 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- Notes for High Availability MISP in AWS☆19Updated 5 years ago
- Osquery Packs we use for customer security hardening☆12Updated 3 months ago
- Cyber Defence Monitoring Course Suite :: Suricata, Arkime (and others in the past)☆106Updated last year
- ☆34Updated 2 years ago
- ☆53Updated 3 years ago
- Zeek package to detect Zerologon☆11Updated 3 years ago
- The Intelligent Process Lifecycle of Active Cyber Defenders☆33Updated 2 years ago
- ☆119Updated 2 years ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆58Updated 3 years ago
- AWS EKS Cluster Forensics☆23Updated 4 years ago
- Get started using Synapse Open-Source to start a Cortex and perform analysis within your area of expertise.☆47Updated 3 years ago
- An ELK environment containing interesting security datasets.☆137Updated 5 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20Updated 3 years ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…☆18Updated 5 years ago
- Incident Response Network Tools☆24Updated 4 years ago
- Using QRadar API☆20Updated 7 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 3 years ago