Alternatives and similar repositories for sgt:

Users that are interested in sgt are comparing it to the libraries listed below

• kolide / kolide-quickstart
  [DEPRECATED] A quickstart demo for Kolide tools
  ☆52Updated 6 years ago
• spotify / terraform-google-grr
  A Terraform module for GRR: the distributed incident forensics and response framework
  ☆51Updated 4 years ago
• magoo / Vault-for-Incident-Responders
  Things to know when DFIR occurs near a vault deployment.
  ☆43Updated 6 years ago
• Netflix-Skunkworks / cloudtrail-anomaly
  ☆82Updated 5 years ago
• Netflix-Skunkworks / aws-metadata-proxy
  AWS Metadata Proxy for protection against SSRF
  ☆67Updated 4 years ago
• zeek / zeek-osquery
  Bro/Zeek integration with osquery
  ☆94Updated 4 years ago
• mikermcneil / fleet-osquery-in-a-box
  Simple Docker-based quickstart for osquery, Fleet, and ELK stack
  ☆62Updated last year
• chainguard-dev / osqtool
  Automated testing, generation & manipulation of #osquery packs
  ☆72Updated 3 months ago
• somethingnew2-0 / SimpleCSPM
  GCP CSPM using Google Sheets
  ☆34Updated 7 months ago
• mozilla / ssm-acquire
  A python module for orchestrating content acquisitions and analysis via amazon ssm.
  ☆58Updated last year
• ThreatResponse / ThreatPrep
  Python module for evaluation of AWS account best practices around incident handling readieness.
  ☆55Updated 4 years ago
• tradichel / AWSSecurityAutomationFramework
  Framework for reviewing and responding to events in AWS Flow Logs using Lambda Function
  ☆45Updated last year
• ThreatResponse / margaritashotgun
  Remote Memory Acquisition Tool
  ☆245Updated 4 years ago
• demisto / alfred
  A Slack bot to add security info to messages containing URLs, hashes and IPs
  ☆71Updated 5 months ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆53Updated last month
• darkarnium / perimeterator
  'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.
  ☆63Updated 5 years ago
• sendgrid / krampus
  The original AWS security enforcer™
  ☆59Updated 5 years ago
• AbGuthrie / goquery
  Provide a shell like interface by utilizing osquery's distributed API
  ☆80Updated 4 years ago
• jchrisfarris / detect-credential-compromise
  Cloudformation Template and Lambda to detect if Instance Profile credentials are being used outside your AWS Account.
  ☆28Updated 5 years ago
• willbengtson / trailblazer-aws
  Blazing CloudTrail since 2018
  ☆133Updated 6 years ago
• Netflix-Skunkworks / aws-credential-compromise-detection
  Example detection of compromise credentials in AWS
  ☆119Updated 6 years ago
• PaloAltoNetworks / minemeld-webui
  WebUI of MineMeld
  ☆43Updated last year
• ansorren / GDPatrol
  A Lambda-powered Security Orchestration framework for AWS GuardDuty
  ☆51Updated 5 years ago
• open-nsm / ContainNSM
  Dockerfiles for NSM tools
  ☆84Updated 7 years ago
• andrewbeard / broworkshop
  Materials for the BSides NoVA/Charleston 2018 Bro Workshop
  ☆14Updated last year
• Phillipmartin / gopassivedns
  PassiveDNS in Go
  ☆124Updated 5 years ago
• WarnerMedia / aws-guardduty-enterprise
  Manage GuardDuty At Enterprise Scale
  ☆22Updated 4 years ago
• sonofagl1tch / AWSDetonationLab
  This script is used to generate some basic detections of the aws security services
  ☆71Updated 2 years ago
• slackhq / gsuite-oauth-third-party-app-report
  Start enforcing G Suite third-party apps via OAuth
  ☆58Updated 6 years ago
• ThreatResponse / mad-king
  Proof of Concept Zappa Based AWS Persistence and Attack Platform
  ☆37Updated 4 years ago