PaloAltoNetworks / cis-benchmarks
CIS benchmark quickplay for rapid assessments of the NGFW
☆13 · Updated 2 years ago
Alternatives and similar repositories for cis-benchmarks
Users that are interested in cis-benchmarks are comparing it to the libraries listed below
- A tool that allows you to document and assess any security automation in your SOC (☆47 · Updated 11 months ago)
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk. (☆58 · Updated 3 years ago)
- Collection of Dashboards for Threat Hunting and more! (☆70 · Updated 4 years ago)
- Anvilogic Forge (☆108 · Updated 2 weeks ago)
- This is the one-stop place where you can find several Detection Rules which can help you kick-start your journey in SIEM and SOC work. (☆40 · Updated 4 years ago)
- A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide… (☆149 · Updated last year)
- Wazuh integration with TheHive (☆39 · Updated 2 years ago)
- ☆19 · Updated 2 years ago
- ☆45 · Updated 2 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security. (☆18 · Updated 4 years ago)
- Table Top Exercise (TTX) for Computer Security Incident Response (CSIRT) teams. The templatized artifacts provided will hopefully help te… (☆42 · Updated 5 years ago)
- ☆119 · Updated 2 years ago
- Cyences App (Cyber Defense) built by CrossRealms International - https://splunkbase.splunk.com/app/5351/ (☆10 · Updated this week)
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" JSON files. (☆35 · Updated 3 years ago)
- A POC to implement Detection-as-Code with Terraform and Sumo Logic. (☆29 · Updated 2 years ago)
- Automating Security Detection Engineering, published by Packt (☆62 · Updated 11 months ago)
- Incident Response Methodologies (IRM), also called Incident Playbooks, based on the work done by the CERT Societe General (☆24 · Updated 3 years ago)
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o… (☆102 · Updated last year)
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts and subsequent compromise (☆66 · Updated last year)
- Cloud Analytics helps defenders detect attacks on their cloud infrastructure by developing behavioral analytics for cloud platforms as we… (☆53 · Updated 2 years ago)
- The Measure, Maximize, and Mature Threat-Informed Defense (M3TID) project defines what Threat-Informed Defense (TID) is and the key activ… (☆16 · Updated 3 months ago)
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … (☆131 · Updated last year)
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS Terraform support. (☆137 · Updated 2 years ago)
- MITRE ATT&CK Based App in Power BI (☆17 · Updated last year)
- A command-line tool which leverages the Tenable Vulnerability Management API to reduce the time it takes to get information that is commo… (☆82 · Updated last week)
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. (☆81 · Updated last year)
- Run Velociraptor on Security Onion (☆40 · Updated 3 years ago)
- This repository contains Splunk queries to hunt for some anomalies (☆44 · Updated 3 years ago)
- ☆39 · Updated 2 years ago
- Synthetic Adversarial Log Objects: A Framework for synthetic log generation (☆85 · Updated last year)