TheIRGurus / Playbooks
Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform automations, and expand your SOP library within your environment.
☆14 | Updated 11 months ago
Alternatives and similar repositories for Playbooks:
Users that are interested in Playbooks are comparing it to the libraries listed below
- Resilient Automation Functions and Scripts ☆15 | Updated 3 years ago
- Pulls IOCs from MISP and adds them to reference sets in QRadar ☆34 | Updated 2 years ago
- Example scripts and rules for use in Resilient playbooks. ☆34 | Updated last year
- QRadar: export the rule set for printing ☆22 | Updated 7 years ago
- ☆26 | Updated last month
- ☆58 | Updated last year
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition. ☆82 | Updated 3 weeks ago
- ☆58 | Updated last year
- 2021 SANS DFIR Summit: Greppin' Logs ☆20 | Updated 3 years ago
- Source code for IBM SOAR Apps that are available on our App Exchange ☆92 | Updated this week
- ☆26 | Updated 3 years ago
- This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM ☆16 | Updated 5 months ago
- These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM. ☆50 | Updated last week
- Provides detection capabilities and log conversion to evtx or syslog capabilities ☆53 | Updated 2 years ago
- Python Library for the IBM SOAR REST API, a Python SDK for developing Apps for IBM SOAR and more... ☆41 | Updated last month
- ☆77 | Updated 5 years ago
- Repository for SPEED SIEM Use Case Framework ☆53 | Updated 4 years ago
- ☆34 | Updated 6 months ago
- A script that updates KAPE (using Get-KAPEUpdate.ps1) as well as EZ Tools (within .\KAPE\Modules\bin) and the ancillary files that enhanc… ☆55 | Updated 2 months ago
- ☆131 | Updated last year
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project ☆53 | Updated this week
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform ☆39 | Updated 2 years ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection ☆52 | Updated 2 years ago
- Notes on managing and coordinating the response to major cyber incidents ☆40 | Updated 4 years ago
- Convert Sigma rules to LogRhythm searches ☆21 | Updated 3 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository. ☆108 | Updated 5 years ago
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid… ☆37 | Updated 3 years ago
- Incident response teams usually work on offline data: collecting the evidence, then analyzing the data ☆44 | Updated 3 years ago
- Carbon Black Feeds ☆72 | Updated 2 years ago
- ☆72 | Updated 6 months ago