GoogleCloudPlatform / security-analytics
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
☆330Updated 8 months ago
Alternatives and similar repositories for security-analytics:
Users that are interested in security-analytics are comparing it to the libraries listed below
- Take automated actions against threats and vulnerabilities.☆213Updated last year
- Best practice example for secure and compliant Google Cloud Platform infrastructure☆103Updated 2 years ago
- Collection of example YARA-L rules for use within Google Security Operations☆346Updated 2 weeks ago
- GCP CIS 1.1.0 Benchmark InSpec Profile☆130Updated 6 months ago
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆379Updated 10 months ago
- Command line tool to interact with Chronicle's Config Based Normalizer (CBN) APIs.☆28Updated last year
- Built-in Panther detection rules and policies☆359Updated this week
- Dorothy is a tool to test security monitoring and detection for Okta environments☆178Updated 6 months ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆269Updated last year
- Maturity models help integrate traditionally separate organizational functions, set process improvement goals and priorities, provide gui…☆223Updated 2 years ago
- A curated list of resources about detecting threats and defending Kubernetes systems.☆373Updated last year
- Python samples and utilities for Chronicle APIs☆80Updated 2 weeks ago
- ☆359Updated 10 months ago
- Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix☆59Updated last year
- A library of constraint templates and sample constraints for Constraint Framework tools☆225Updated 8 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆67Updated 9 months ago
- JIT Groups is an open source application that lets you implement secure, self-service access management for Google Cloud using groups.☆252Updated this week
- Cloud Commotion intends to cause chaos to simulate security incidents☆143Updated 8 months ago
- This is a collection of threat detection rules / rules engines that I have come across.☆281Updated 9 months ago
- This GitHub page shows the CISO Tradecraft Podcast broken down by Topic☆111Updated last week
- A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.☆367Updated 10 months ago
- OCSF Documentation☆123Updated this week
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆156Updated this week
- Prisma Cloud docs☆79Updated 10 months ago
- GCPGoat : A Damn Vulnerable GCP Infrastructure☆367Updated 3 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆91Updated last year
- Compares and analyzes GCP IAM roles.☆77Updated 8 months ago
- A collection of projects supporting AWS Integration☆152Updated last week
- An open project to list all publicly known cloud vulnerabilities and CSP security issues☆319Updated this week
- Python library to carry out DFIR analysis on the Cloud☆470Updated last month