Alternatives and similar repositories for Playbooks:

Users that are interested in Playbooks are comparing it to the libraries listed below

• IBM / wincollect
  ☆58Updated last year
• PolarBearGod / CrowdStrike-RTR-Scripts
  ☆26Updated 3 years ago
• jjfallete / resilient
  Resilient Automation Functions and Scripts
  ☆15Updated 3 years ago
• ibmresilient / resilient-scripts
  Example scripts and rules for use in Resilient playbooks.
  ☆34Updated last year
• syloktools / MISP-QRADAR-REFERENCE-SET-BUILDER
  Pulls IOCs from MISP and adds the to reference sets in QRadar
  ☆34Updated last year
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆53Updated 4 years ago
• reflexsoar / reflex
  Reflex SOAR
  ☆12Updated 3 years ago
• strozfriedberg / greppin-logs
  2021 SANS DFIR Summit: Greppin' Logs
  ☆21Updated 3 years ago
• SentineLabs / S1QL-Queries
  ☆57Updated last year
• cudeso / misp2sentinel
  MISP to Sentinel integration
  ☆63Updated this week
• josh-morin / qradar
  Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.
  ☆80Updated 7 months ago
• le0li9ht / Microsoft-Sentinel-Queries
  KQL queries for cyber defense and for solving daily issues
  ☆48Updated 2 months ago
• LogRhythm-Tools / LogRhythm.Tools
  LogRhythm PowerShell Toolkit
  ☆50Updated 2 months ago
• msraju / Incident-Response-Playbooks
  ☆42Updated 2 years ago
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77Updated 10 months ago
• reprise99 / kql-for-dfir
  A guide to using Azure Data Explorer and KQL for DFIR
  ☆102Updated 2 years ago
• guardsight / gsvsoc_cybersecurity-incident-response-plan
  Cybersecurity Incident Response Plan
  ☆89Updated 4 years ago
• ibmresilient / resilient-community-apps
  Source code for IBM SOAR Apps that are available on our App Exchange
  ☆92Updated this week
• DaRuudii / qradar-utils
  This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM
  ☆16Updated 4 months ago
• Intellisec-Solutions / Sentinel2D3FEND
  This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense…
  ☆71Updated 3 years ago
• bk-cs / rtr
  Real-time Response scripts and schema
  ☆110Updated last year
• ReconInfoSec / velociraptor-to-timesketch
  ☆6Updated 5 months ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 5 months ago
• k-bailey / detection-engineering-maturity-matrix
  ☆93Updated 2 years ago
• WillOram / AzureAD-incident-response
  Notes on responding to security breaches relating to Azure AD
  ☆109Updated 3 years ago
• 3CORESec / SIEGMA
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆149Updated 3 weeks ago
• IBM / IBM-QRadar-Universal-Cloud-REST-API
  These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM.
  ☆50Updated 2 months ago
• NdS-Research-Facilities / QRadar-ruleset
  QRadar Export the rule set for printing
  ☆22Updated 7 years ago
• YongRhee-MDE / LiveResponse
  M365 MDATP Live Response sample scripts
  ☆69Updated 5 months ago
• keyboardcrunch / sentinelone-queries
  Repository of SentinelOne Deep Visibility queries.
  ☆125Updated 3 years ago