SumoLogic / cloud-siem-content-catalog
☆13Updated last month
Related projects: ⓘ
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆51Updated last year
- A Secure Controls Framework (SCF) Power BI App☆12Updated 3 weeks ago
- A tool that allows you to document and assess any security automation in your SOC☆40Updated 4 months ago
- A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis☆12Updated 3 weeks ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆45Updated 3 months ago
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…☆36Updated last month
- Workflows for Shuffle☆20Updated last year
- Controls Assessment Specification☆65Updated 3 months ago
- ☆11Updated 2 years ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆108Updated 3 years ago
- ☆95Updated 3 months ago
- Security Control Knowledge Graph☆25Updated 4 months ago
- MITRE ATT&CK Based App in Power BI☆11Updated 6 months ago
- AI-powered tool designed to help producing Threat Intelligence Mindmap.☆68Updated 2 weeks ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆34Updated 2 years ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆35Updated 3 years ago
- Automating Security Detection Engineering, published by Packt☆42Updated 3 months ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆15Updated 4 months ago
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …☆70Updated 5 months ago
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆76Updated 8 months ago
- Kestrel Jupyter Notebook Kernel☆9Updated 11 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆58Updated 4 months ago
- ☆79Updated last month
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆50Updated last year
- ☆12Updated 4 months ago
- ☆26Updated last week
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆49Updated 2 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆37Updated 4 months ago
- ☆40Updated last year
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆29Updated 8 months ago