ExabeamLabs / Content-Library-CIM2Links
☆23Updated last month
Alternatives and similar repositories for Content-Library-CIM2
Users that are interested in Content-Library-CIM2 are comparing it to the libraries listed below
Sorting:
- Threat Detection & Anomaly Detection rules for popular open-source components☆52Updated 2 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆151Updated 3 months ago
- Convert Sigma rules to LogRhythm searches☆21Updated 3 years ago
- Workflows for Shuffle☆23Updated 2 years ago
- Sigma Detection Rule Repository☆88Updated 5 years ago
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated 2 months ago
- Library of threat hunts to get any user started!☆44Updated 4 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆110Updated 5 years ago
- Wazuh - Splunk App☆55Updated 9 months ago
- Parse wazuh[HIDS] alerts into ECS mapping using Filebeat☆27Updated 4 years ago
- OSSEM Data Dictionaries☆61Updated 5 months ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆122Updated 4 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆114Updated 2 months ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆64Updated last year
- ☆126Updated last year
- Run Velociraptor on Security Onion☆38Updated 2 years ago
- OSSEM Common Data Model☆55Updated 2 years ago
- A community event for security researchers to share their favorite notebooks☆107Updated last year
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆57Updated 3 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- OSSEM Detection Model☆176Updated 2 years ago
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated last year
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆144Updated 3 weeks ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆39Updated 3 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆43Updated 4 years ago
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆109Updated 2 years ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆50Updated this week
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…☆71Updated 3 years ago
- Home for Splunk security datasets.☆125Updated 5 years ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆88Updated last week