Alternatives and similar repositories for Playbooks:

Users that are interested in Playbooks are comparing it to the libraries listed below

• IBM / wincollect
  ☆58Updated last year
• syloktools / MISP-QRADAR-REFERENCE-SET-BUILDER
  Pulls IOCs from MISP and adds the to reference sets in QRadar
  ☆33Updated last year
• trellix-enterprise / RTS-Queries
  Practical Orientation Of MVISION EDR Query Language
  ☆34Updated last year
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆39Updated 2 years ago
• ibmresilient / resilient-community-apps
  Source code for IBM SOAR Apps that are available on our App Exchange
  ☆91Updated this week
• SentineLabs / S1QL-Queries
  ☆53Updated last year
• PolarBearGod / CrowdStrike-RTR-Scripts
  ☆26Updated 3 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆52Updated 4 years ago
• ibmresilient / resilient-scripts
  Example scripts and rules for use in Resilient playbooks.
  ☆34Updated last year
• jjfallete / resilient
  Resilient Automation Functions and Scripts
  ☆15Updated 3 years ago
• NdS-Research-Facilities / QRadar-ruleset
  QRadar Export the rule set for printing
  ☆22Updated 7 years ago
• reflexsoar / reflex
  Reflex SOAR
  ☆12Updated 2 years ago
• megan201296 / gsuite-dfir
  ☆41Updated 4 years ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆44Updated 3 years ago
• StrangeBeeCorp / thehive-templates
  ☆21Updated last year
• josh-morin / qradar
  Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
  ☆79Updated 5 months ago
• msraju / Incident-Response-Playbooks
  ☆42Updated 2 years ago
• ReconInfoSec / velociraptor-to-timesketch
  ☆4Updated 2 months ago
• HASecuritySolutions / LogCampaign
  Provides detection capabilities and log conversion to evtx or syslog capabilities
  ☆52Updated 2 years ago
• str-ext-community / blue_team_as_code
  ☆9Updated 3 years ago
• LogRhythm-Labs / Sigma
  Convert Sigma rules to LogRhythm searches
  ☆19Updated 2 years ago
• IBM / IBM-QRadar-Universal-Cloud-REST-API
  These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM.
  ☆47Updated this week
• k-bailey / detection-engineering-maturity-matrix
  ☆91Updated 2 years ago
• strozfriedberg / greppin-logs
  2021 SANS DFIR Summit: Greppin' Logs
  ☆21Updated 3 years ago
• 3CORESec / SIEGMA
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆146Updated last year
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆88Updated 4 years ago
• AndrewRathbun / KAPE-EZToolsAncillaryUpdater
  A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc…
  ☆55Updated last year
• LetMeR00t / TA-thehive-cortex
  Technical add-on for Splunk related to TheHive/Cortex from TheHive project
  ☆52Updated 2 months ago
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆115Updated last year