TheIRGurus / Playbooks
Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform automations, and expand your SOP library within your environment.
☆13 Updated 6 months ago
Related projects
Alternatives and complementary repositories for Playbooks
- Pulls IOCs from MISP and adds them to reference sets in QRadar ☆33 Updated last year
- Resilient Automation Functions and Scripts ☆15 Updated 2 years ago
- ☆58 Updated last year
- This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM ☆15 Updated 2 years ago
- ☆52 Updated last year
- QRadar Export the rule set for printing ☆21 Updated 7 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities ☆52 Updated 2 years ago
- Reflex SOAR ☆12 Updated 2 years ago
- ☆26 Updated 3 years ago
- ☆20 Updated last year
- Source code for IBM SOAR Apps that are available on our App Exchange ☆91 Updated last week
- ☆85 Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework ☆52 Updated 4 years ago
- ☆1 Updated 2 weeks ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆75 Updated 5 months ago
- Convert Sigma rules to LogRhythm searches ☆19 Updated 2 years ago
- ☆41 Updated 2 years ago
- 2021 SANS DFIR Summit: Greppin' Logs ☆21 Updated 3 years ago
- These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM. ☆46 Updated this week
- ☆31 Updated 3 weeks ago
- A community event for security researchers to share their favorite notebooks ☆106 Updated 8 months ago
- ☆12 Updated last year
- A dataset containing Office 365 Unified Audit Logs for security research and detection ☆48 Updated 2 years ago
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition. ☆77 Updated 3 months ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform ☆38 Updated 2 years ago
- Collection of useful, up to date, Carbon Black Response Queries ☆83 Updated 4 years ago
- Detection of obfuscated Powershell commands ☆54 Updated last year
- SentinelOne STAR Rules ☆50 Updated last year
- ☆77 Updated 5 years ago