ExabeamLabs / Content-Library-CIM2
☆21 · Updated this week
Alternatives and similar repositories for Content-Library-CIM2:
Users who are interested in Content-Library-CIM2 are comparing it to the repositories listed below.
- Threat Detection & Anomaly Detection rules for popular open-source components ☆51 · Updated 2 years ago
- Convert Sigma rules to LogRhythm searches ☆20 · Updated 3 years ago
- OSSEM Data Dictionaries ☆59 · Updated last month
- Threat Intelligence with Elastic: MineMeld integration with Elasticsearch ☆19 · Updated 3 years ago
- Technical add-on for Splunk related to TheHive/Cortex from the TheHive project ☆53 · Updated last month
- Parse Wazuh (HIDS) alerts into ECS mapping using Filebeat ☆27 · Updated 4 years ago
- Provides detection capabilities and log conversion to EVTX or syslog ☆52 · Updated 2 years ago
- Mapping Corelight or Zeek data to Elastic Common Schema fields ☆34 · Updated last month
- A collection of Cortex Analyzers and Responders for TheHive/Cortex ☆13 · Updated 5 years ago
- (repository name not captured) ☆34 · Updated 3 years ago
- SIEGMA: Transform Sigma rules into SIEM consumables ☆149 · Updated this week
- A community event for security researchers to share their favorite notebooks ☆107 · Updated last year
- The Infosec Community Definitive Guide to Jupyter Notebooks ☆121 · Updated 4 years ago
- (repository name not captured) ☆27 · Updated 4 years ago
- Dettectinator: the Python library for your DeTT&CT YAML files ☆109 · Updated 2 months ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack… ☆94 · Updated 2 years ago
- Workflows for Shuffle ☆21 · Updated 2 years ago
- This code snippet retrieves Azure Sentinel rules that are mapped to the MITRE ATT&CK Framework and generates the related MITRE D3FEND defense… ☆71 · Updated 3 years ago
- Sigma Detection Rule Repository ☆87 · Updated 4 years ago
- Run Velociraptor on Security Onion ☆37 · Updated 2 years ago
- Notes on managing and coordinating the response to major cyber incidents ☆40 · Updated 4 years ago
- OSSEM Common Data Model ☆55 · Updated 2 years ago
- Import CrowdStrike Threat Intelligence into your instance of MISP ☆44 · Updated this week
- Threat Hunting with ELK Workshop (InfoSecWorld 2017) ☆66 · Updated 7 years ago
- (repository name not captured) ☆124 · Updated last year
- This repository contains a few examples of actions that can be added to rules within Elastic Security ☆22 · Updated last month
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform ☆71 · Updated last year
- Wazuh Splunk App ☆52 · Updated 5 months ago
- A CALDERA plugin ☆75 · Updated this week
- Actionable analytics designed to combat threats based on MITRE ATT&CK ☆22 · Updated 5 years ago