GACWR / OpenUBA
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
☆421Updated last year
Alternatives and similar repositories for OpenUBA:
Users that are interested in OpenUBA are comparing it to the libraries listed below
- Actionable analytics designed to combat threats☆983Updated 2 years ago
- Open Source Security Events Metadata (OSSEM)☆1,263Updated 2 years ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆565Updated 4 months ago
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.☆858Updated 8 months ago
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆602Updated last month
- Cyber Analytics Repository☆934Updated last year
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆349Updated 3 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆585Updated 10 months ago
- TRAM is an open-source platform designed to advance research into automating the mapping of cyber threat intelligence reports to MITRE AT…☆484Updated last month
- This content is analysis and research of the data sources currently listed in ATT&CK.☆409Updated last year
- A repository of curated datasets from various attacks☆643Updated this week
- Mapping the MITRE ATT&CK Matrix with Osquery☆793Updated last year
- CASCADE Server☆268Updated 2 years ago
- Security event correlation engine for ELK stack☆438Updated 10 months ago
- STIX data representing MITRE ATT&CK☆395Updated this week
- A curated list of awesome resources related to Mitre ATT&CK™ Framework☆597Updated 5 years ago
- A knowledge base of actionable Incident Response techniques☆636Updated 2 years ago
- A python module for working with ATT&CK☆539Updated last week
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,151Updated last year
- ☆125Updated last year
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆350Updated last week
- Python library using the MISP Rest API☆460Updated 3 weeks ago
- A python app to predict Att&ck tactics and techniques from cyber threat reports☆120Updated last year
- User and Entity Behavior Analytics by deep learning☆108Updated 4 years ago
- Documentation of TheHive☆396Updated last year
- SIEM Tactics, Techiques, and Procedures☆623Updated this week
- Extract and aggregate threat intelligence.☆859Updated last year
- Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.☆311Updated 6 months ago
- Phantom Community Playbooks☆497Updated 2 months ago
- Scripts and a (future) library to improve users' interactions with the ATT&CK content☆585Updated last year