TheIRGurus / Playbooks
Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform automations, and expand your SOP library within your environment.
☆13 (updated 6 months ago)
Related projects
Alternatives and complementary repositories for Playbooks
- (no description) ☆58 (updated last year)
- Pulls IOCs from MISP and adds them to reference sets in QRadar ☆33 (updated last year)
- Resilient Automation Functions and Scripts ☆15 (updated 2 years ago)
- Source code for IBM SOAR Apps that are available on our App Exchange ☆91 (updated this week)
- Incident Response Methodologies (IRM), also called Incident Playbooks, based on the work done by the CERT Societe Generale ☆23 (updated 2 years ago)
- Repository for the SPEED SIEM Use Case Framework ☆52 (updated 4 years ago)
- (no description) ☆41 (updated 2 years ago)
- Example scripts and rules for use in Resilient playbooks ☆34 (updated 11 months ago)
- (no description) ☆20 (updated last year)
- This project can be used to integrate QRadar with the MISP Threat Sharing Platform ☆39 (updated 2 years ago)
- QRadar: export the rule set for printing ☆22 (updated 7 years ago)
- These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM ☆46 (updated 2 weeks ago)
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements ☆116 (updated 11 months ago)
- Repository of public reference frameworks for the DFIR community ☆109 (updated last year)
- (no description) ☆52 (updated last year)
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition ☆78 (updated 3 months ago)
- Dettectinator - the Python library for your DeTT&CT YAML files ☆104 (updated 2 weeks ago)
- A collection of tips for using MISP ☆74 (updated 7 months ago)
- Convert Sigma rules to LogRhythm searches ☆19 (updated 2 years ago)
- The Infosec Community Definitive Guide to Jupyter Notebooks ☆115 (updated 4 years ago)
- 2021 SANS DFIR Summit: Greppin' Logs ☆21 (updated 3 years ago)
- MISP to Sentinel integration ☆60 (updated this week)
- (no description) ☆26 (updated 3 years ago)
- Public script from SANS FOR509 Enterprise Cloud Incident Response ☆179 (updated 2 months ago)
- Practical Orientation of the MVISION EDR Query Language ☆34 (updated last year)
- Detection of obfuscated PowerShell commands ☆54 (updated last year)
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats ☆50 (updated this week)
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository ☆107 (updated 4 years ago)
- (no description) ☆87 (updated 2 years ago)