ExabeamLabs / Content-Library-CIM2
☆16Updated 2 months ago
Related projects: ⓘ
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆33Updated 3 weeks ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 4 years ago
- OSSEM Common Data Model☆54Updated 2 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 3 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆49Updated 2 years ago
- Open source endpoint agent providing host information to Zeek. [v2]☆61Updated this week
- Zeek Training Materials/Products☆34Updated 10 months ago
- A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset☆33Updated 4 years ago
- ☆124Updated 9 months ago
- Mapping NSM rules to MITRE ATT&CK☆68Updated 4 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆32Updated 2 years ago
- Zeek support for Community ID flow hashing.☆32Updated last year
- This repository contains a few examples of actions that can be added to rules within Elastic Security.☆22Updated 2 years ago
- Convert Sigma rules to LogRhythm searches☆19Updated 2 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆139Updated last year
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆184Updated 3 years ago
- Log Entry to Sigma Rule Converter☆105Updated 2 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆92Updated 2 years ago
- ☆47Updated last week
- Wazuh - Splunk App☆48Updated 10 months ago
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆47Updated 2 months ago
- MineMeld nodes for MISP☆18Updated 7 months ago
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated last year
- Apps to be used for Shuffle automation. 95 of Shuffle apps are generated from APIs, and not in this directory☆98Updated 2 weeks ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆51Updated 2 years ago
- Security Analytics enables users for detecting security threats on their security event log data. It will also allow them to modify/tailo…☆69Updated last week
- WebUI of MineMeld☆43Updated last year
- A CALDERA plugin☆72Updated 3 months ago
- Sigma Detection Rule Repository☆84Updated 4 years ago
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆83Updated 2 years ago