ExabeamLabs / Content-Library-CIM1
☆14 · Updated 9 months ago
Alternatives and similar repositories for Content-Library-CIM1:
Users that are interested in Content-Library-CIM1 are comparing it to the libraries listed below
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det… (☆49 · Updated last month)
- A collection of tips for using MISP. (☆74 · Updated 4 months ago)
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise (☆61 · Updated 11 months ago)
- A tool that allows you to document and assess any security automation in your SOC (☆46 · Updated 5 months ago)
- (no description) (☆87 · Updated 2 months ago)
- Augmentation to Machine Readable CTI (☆31 · Updated last month)
- The Sigma command line interface based on pySigma (☆151 · Updated last week)
- (no description) (☆36 · Updated 4 months ago)
- A MITRE Caldera plugin (☆43 · Updated 5 months ago)
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp… (☆82 · Updated 4 years ago)
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… (☆37 · Updated last month)
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique (☆67 · Updated last year)
- Run Velociraptor on Security Onion (☆37 · Updated 2 years ago)
- Run zeek with zeekctl in docker (☆51 · Updated 7 months ago)
- Synthetic Adversarial Log Objects: A Framework for synthetic log generation (☆81 · Updated last year)
- OSSEM Data Dictionaries (☆59 · Updated 3 months ago)
- (no description) (☆71 · Updated 2 months ago)
- Dettectinator - The Python library to your DeTT&CT YAML files. (☆111 · Updated 2 weeks ago)
- Anvilogic Forge (☆103 · Updated last week)
- SigmaHQ pySigma CrowdStrike processing pipeline (☆24 · Updated 6 months ago)
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project (☆53 · Updated this week)
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk. (☆55 · Updated 3 years ago)
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats (☆53 · Updated this week)
- pySigma Splunk backend (☆38 · Updated 2 months ago)
- (no description) (☆69 · Updated 3 weeks ago)
- (no description) (☆51 · Updated 3 years ago)
- Repository for SPEED SIEM Use Case Framework (☆53 · Updated 4 years ago)
- SOARCA - The Open Source CACAO-based Security Orchestrator! (☆72 · Updated 2 weeks ago)
- Automatic detection engineering technical state compliance (☆55 · Updated 9 months ago)
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects… (☆41 · Updated 4 years ago)