XDR-Alliance / Common-Information-ModelLinks
☆12Updated 2 years ago
Alternatives and similar repositories for Common-Information-Model
Users that are interested in Common-Information-Model are comparing it to the libraries listed below
Sorting:
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆33Updated last year
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆53Updated 2 years ago
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…☆16Updated 2 years ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆42Updated last month
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆43Updated 4 years ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆50Updated last week
- OSSEM Common Data Model☆55Updated 2 years ago
- ☆44Updated 3 months ago
- A tool that allows you to document and assess any security automation in your SOC☆46Updated 8 months ago
- Synthetic Adversarial Log Objects: A Framework for synthentic log generation☆82Updated last year
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- Automatic detection engineering technical state compliance☆55Updated 11 months ago
- ☆95Updated 2 years ago
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here …☆71Updated last year
- Workflows for Shuffle☆23Updated 2 years ago
- The Event Maturity Matrix (EMM) is a comprehensive framework that provides clarity regarding the capabilities and nuances of SaaS audit l…☆21Updated last week
- ☆26Updated 3 years ago
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…☆65Updated last week
- Dettectinator - The Python library to your DeTT&CT YAML files.☆114Updated 2 months ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…☆20Updated last month
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆29Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆44Updated last year
- MITRE Shield website☆19Updated 3 years ago
- A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…☆23Updated last year
- A lab environment for learning about MSTICPy☆37Updated 2 years ago
- ☆38Updated last week
- The Infosec Community Definitive Guide to Jupyter Notebooks☆122Updated 4 years ago
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆36Updated 5 months ago
- Collection of resources related to the Center for Threat-Informed Defense☆76Updated last year
- MSTIC Notebook Components☆32Updated 2 months ago