SHolzhauer / elastic-tip
Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common format into Elasticsearch with the main goal of being used by the Security solution.
☆27Updated last month
Related projects: ⓘ
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆64Updated 6 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases.☆44Updated 4 years ago
- ☆34Updated 3 years ago
- automate your MISP installs☆66Updated 4 years ago
- Repo for Automations and other solutions for Elastic SIEM/Security.☆17Updated 3 years ago
- Incident Response Network Tools☆22Updated 3 years ago
- Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility.☆30Updated last year
- A few quick recipes for those that do not have much time during the day☆21Updated 3 weeks ago
- A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…☆61Updated last year
- A collection of my presentations, blog posts, and other contributions to the information security community☆24Updated last week
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆92Updated 2 years ago
- Threat intelligence and threat detection indicators (IOC, IOA)☆51Updated 3 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆37Updated 2 years ago
- Incident Response Plan for all major incidents including cheatsheets for both linux and windows☆13Updated 4 years ago
- Recon Hunt Queries☆76Updated 3 years ago
- Run Velociraptor on Security Onion☆34Updated 2 years ago
- Sharing Threat Hunting runbooks☆24Updated 5 years ago
- A tool that allows you to document and assess any security automation in your SOC☆40Updated 4 months ago
- Using QRadar API☆20Updated 6 years ago
- A collection of tips for using MISP.☆74Updated 5 months ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆49Updated 2 years ago
- ☆43Updated 2 years ago
- Defence Against the Dark Arts☆34Updated 5 years ago
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch☆66Updated last year
- Best practices in threat intelligence☆46Updated last year
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19Updated 3 years ago
- ☆51Updated 3 years ago
- misp-cloud - Cloud-ready images of MISP☆70Updated 2 years ago
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing☆51Updated 2 months ago