amrandazz / cloud-threat-detection
Cloud threat detection visualization from excalidraw
☆12Updated 3 years ago
Alternatives and similar repositories for cloud-threat-detection
Users that are interested in cloud-threat-detection are comparing it to the libraries listed below
Sorting:
- A collection of ARM-based detections for Azure/AzureAD based TTPs☆85Updated last year
- Repository with supporting materials for Invictus Academy/Training☆43Updated 4 months ago
- ☆41Updated 2 months ago
- Welcome to the Cloud Security Toolkit repository, your all-in-one destination for cutting-edge cloud security resources! Whether you're d…☆25Updated last week
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆53Updated 2 years ago
- Solution to deploy a Sentinel playground demo environment☆57Updated last year
- This repository contains the research and components of our research into using Sigma for AWS Incident Response.☆29Updated last year
- Lightweight security tool for auditing your organization's Conditional Access Policies (CAPs) in Microsoft Entra ID for potential misconf…☆70Updated 2 months ago
- Jupyter notebooks☆25Updated 4 years ago
- Azure Activity Log Axe is a continually developing tool that simplifies the transactional log format provided by Microsoft. The tool leve…☆27Updated 8 months ago
- ThreatModel for Azure Storage - Library of all the attack scenarios on Azure Storage, and how to mitigate them following a risk-based app…☆59Updated last year
- ☆29Updated 6 months ago
- ☆47Updated last month
- REST server that can analyze Kusto KQL queries against the Sentinel and Microsoft 365 Defender schemas.☆32Updated 3 months ago
- ☆14Updated 4 years ago
- ☆55Updated 9 months ago
- ☆45Updated this week
- Defending IaaS with ATT&CK is a project to create a collection of ATT&CK techniques relevant to a Linux IaaS environment, as well as a me…☆14Updated last year
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…☆42Updated 2 weeks ago
- Knowledge Report Alert & Normalization Generator☆27Updated last year
- ADXFlowmaster helps SecOps teams Threat Hunt suspicious network traffic inside & outside of Azure.☆36Updated 6 months ago
- ☆18Updated 3 years ago
- Security Scanner based on CIS benchmark 1.1 inspired by Scout2☆53Updated 2 years ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆16Updated 2 years ago
- ☆65Updated 9 months ago
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects…☆42Updated 4 years ago
- ☆26Updated last year
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆73Updated last year
- Ingesting Shodan Monitor Alerts to Microsoft Sentinel☆34Updated last year
- Powershell Based tool for gathering information related to O365 intrusions and potential Breaches☆14Updated 4 months ago