TheIRGurus / PlaybooksLinks
Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform automations, and expand your SOP library within your environment.
☆15Updated last year
Alternatives and similar repositories for Playbooks
Users that are interested in Playbooks are comparing it to the libraries listed below
Sorting:
- ☆58Updated last year
- Source code for IBM SOAR Apps that are available on our App Exchange☆92Updated 2 weeks ago
- Public script from SANS FOR509 Enterprise Cloud Incident Response☆205Updated 10 months ago
- ☆64Updated 2 years ago
- Cybersecurity Incident Response Plan☆91Updated 4 years ago
- Repository of public reference frameworks for the DFIR community.☆116Updated 2 years ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆208Updated 5 years ago
- ☆96Updated 2 years ago
- OSSEM Detection Model☆176Updated 2 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆115Updated 4 months ago
- Reflex SOAR☆12Updated 3 years ago
- ☆28Updated 4 months ago
- The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Of…☆261Updated 4 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆153Updated 5 months ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…☆73Updated 4 years ago
- ☆26Updated 3 years ago
- List of custom developed KQL queries to help proactive security teams hunt for opportunistic and sophisticated threat activity by develop…☆27Updated 4 years ago
- Real-time Response scripts and schema☆115Updated last year
- Repository for SPEED SIEM Use Case Framework☆55Updated 5 years ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆223Updated 4 months ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆55Updated 2 years ago
- Repository of SentinelOne Deep Visibility queries.☆129Updated 4 years ago
- 2021 SANS DFIR Summit: Greppin' Logs☆20Updated 4 years ago
- Tools for simulating threats☆191Updated last year
- Notes on responding to security breaches relating to Azure AD☆115Updated 3 years ago
- ☆39Updated 2 years ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆112Updated 8 months ago
- MISP to Splunk Enterprise Security Theat Intelligence Framework Integration☆13Updated 2 years ago
- Jupyter notebooks for threat hunting☆58Updated 4 months ago
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.☆82Updated 3 months ago