CybercentreCanada / howlerLinks
Elevate your Security Operations Center's efficiency with Howler, the cutting-edge alert triage platform tailored for today's SOC demands.
☆40Updated this week
Alternatives and similar repositories for howler
Users that are interested in howler are comparing it to the libraries listed below
Sorting:
- A tool that allows you to document and assess any security automation in your SOC☆47Updated last year
- Dettectinator - The Python library to your DeTT&CT YAML files.☆119Updated 8 months ago
- Playbook-NG is a stateless web-based application used to match incident findings with countermeasures for adversary containment and evict…☆152Updated last week
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆114Updated last year
- ☆100Updated this week
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆125Updated 2 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆166Updated last week
- An opensource sigma conversion tool built using pysigma☆150Updated 2 months ago
- Convert a variety of log formats to CSV while enriching detected IPs with Geolocation, ASN, DNS, WhoIs, Shodan InternetDB and Threat Indi…☆108Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆272Updated 8 months ago
- Repository of attack and defensive information for Business Email Compromise investigations☆269Updated 7 months ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆132Updated last year
- ☆28Updated 2 weeks ago
- MISP to Sentinel integration☆77Updated last week
- ☆88Updated 9 months ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆167Updated this week
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆23Updated last week
- MISP Playbooks☆219Updated 2 months ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆141Updated last year
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆50Updated 5 months ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆130Updated 5 years ago
- ☆43Updated 3 years ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆223Updated last year
- ☆98Updated 3 years ago
- ☆43Updated 2 weeks ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…☆74Updated 4 years ago
- A preconfigured Velociraptor triage collector☆72Updated 2 weeks ago
- A repository of my own Sigma detection rules.☆162Updated 2 weeks ago
- A collection of tips for using MISP.☆75Updated last year