Alternatives and similar repositories for FDR

Users that are interested in FDR are comparing it to the libraries listed below

• CrowdStrike / caracara
  Developer enhancements (DX) for FalconPy, the CrowdStrike Python SDK
  ☆38Updated last week
• CrowdStrike / Falcon-Toolkit
  Unleash the power of the Falcon Platform at the CLI
  ☆119Updated this week
• k-bailey / detection-engineering-maturity-matrix
  ☆95Updated 2 years ago
• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆107Updated last year
• thinkst / canary-utils
  Collection of useful Canary tools
  ☆79Updated 2 weeks ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆46Updated 7 months ago
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆42Updated 2 years ago
• redcanaryco / redcanary-response-utils
  Tools to automate and/or expedite response.
  ☆115Updated 10 months ago
• splunk / attack_range_cloud
  Attack Range to test detection against nativel serverless cloud services and environments
  ☆35Updated 3 years ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆57Updated 3 years ago
• phantomcyber / phantom-apps
  Phantom Apps Repo
  ☆83Updated 3 years ago
• cisagov / ioc-scanner
  Search a filesystem for indicators of compromise (IoC).
  ☆73Updated last week
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆53Updated 2 years ago
• d3sre / Use_Case_Applicability
  Security Monitoring Resolution Categories
  ☆138Updated 3 years ago
• sans-blue-team / sec530-wiki
  ☆54Updated 3 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆77Updated 4 years ago
• carbonblack / carbon-black-cloud-sdk-python
  VMware Carbon Black Cloud Python SDK
  ☆44Updated 2 months ago
• OktaSecurityLabs / CheatSheets
  ☆33Updated 7 years ago
• OTRF / OSSEM-CDM
  OSSEM Common Data Model
  ☆55Updated 2 years ago
• PaloAltoNetworks / minemeld-webui
  WebUI of MineMeld
  ☆43Updated 2 years ago
• TheHive-Project / Synapse
  Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform
  ☆71Updated last year
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago
• Resistor52 / terraform-cloud-workstation
  Use Terraform to Provision Your Own Cloud-Based Remote Browsing Workstation
  ☆26Updated last year
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆67Updated last year
• CrowdStrike / community
  CrowdStrike's Open Source Policy & Contribution Guide
  ☆40Updated 2 months ago
• CrowdStrike / detection-container
  ☆46Updated last year
• tenable / integration-jira-cloud
  ☆72Updated 9 months ago
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆75Updated 4 years ago
• center-for-threat-informed-defense / public-resources
  Collection of resources related to the Center for Threat-Informed Defense
  ☆76Updated last year
• vmware-archive / cb-reporting
  Report Generation from the Carbon Black REST API
  ☆15Updated 3 years ago