MSISAC / STIX-TAXII-IntegrationLinks
☆28Updated 5 years ago
Alternatives and similar repositories for STIX-TAXII-Integration
Users that are interested in STIX-TAXII-Integration are comparing it to the libraries listed below
Sorting:
- Main MineMeld documentation repo☆378Updated 7 years ago
- Exchange Transport rules to detect and enable response to phishing☆415Updated 5 years ago
- Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic…☆224Updated 6 months ago
- Carbon Black API - Python language bindings☆145Updated 11 months ago
- Build a fast, free, and effective Threat Hunting/Incident Response Console with Windows Event Forwarding and PowerBI☆201Updated 7 years ago
- Engine of MineMeld☆141Updated 2 years ago
- Zeek (formerly Bro) Network Security Monitor package for pfSense router/firewall☆46Updated 4 years ago
- Simple integration script for 3rd party systems such as SIEMs. Offers command line, file or syslog output in CEF, JSON or key-value pair …☆136Updated last year
- Security-Focused O365 Management and Log Scripts☆62Updated 2 years ago
- Backup of my phishing regular expression testing bench☆150Updated 8 years ago
- Automated deployment scripts for the RockNSM network hunting distribution.☆455Updated 2 years ago
- An open source custom password filter DLL and userspace service to better protect / control Active Directory domain passwords.☆59Updated 7 years ago
- ☆43Updated 3 months ago
- Cisco eStreamer client☆24Updated 2 years ago
- WebUI of MineMeld☆43Updated 2 years ago
- Provision a brand-new company with proper defaults in Windows, Offic365, and Azure☆607Updated 11 months ago
- Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.☆73Updated last year
- Prototypes for MineMeld nodes☆39Updated 3 years ago
- ☆219Updated last year
- Documentation of Cortex☆174Updated last year
- Palo Alto Networks App for Splunk leverages the data visibility provided by Palo Alto Networks next-generation firewalls and endpoint sec…☆107Updated 10 months ago
- The official distribution of the vulnerability parsing utility.☆208Updated 3 years ago
- Graylog Processing Pipeline functions to enrich log messages with IoC information from threat intelligence databases☆154Updated last year
- Contains Logstash related content including tons of Logstash configurations☆254Updated 3 years ago
- Evolving directions on building the best Open Source Forensics VM☆160Updated 7 years ago
- Customized NXLog configuration used to generate data from Windows endpoints that can be leveraged by teams for better insight into host-a…☆18Updated 4 years ago
- Implementing the CIS Critical Controls (almost) for Free☆86Updated 3 years ago
- Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsac…☆873Updated 4 years ago
- Useful network monitoring, analysis, and active response tools used or mentioned in the SANS SEC503 course (https://www.sans.org/course/i…☆233Updated 7 months ago
- Incident Response Hierarchy of Needs☆463Updated 2 years ago