bluemountaincyber / avoiding-data-disastersLinks
☆12Updated last month
Alternatives and similar repositories for avoiding-data-disasters
Users that are interested in avoiding-data-disasters are comparing it to the libraries listed below
Sorting:
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs☆55Updated last year
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆74Updated last year
- A collection of various SIEM rules relating to malware family groups.☆66Updated last year
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆112Updated 7 months ago
- Repository for Cortex XDR and Cortex XSIAM XQL queries and more!☆30Updated last year
- Automating Security Detection Engineering, published by Packt☆57Updated 8 months ago
- ☆33Updated 7 months ago
- ☆45Updated 2 years ago
- A preconfigured Velociraptor triage collector☆52Updated last week
- Conference presentations☆47Updated last year
- ☆15Updated 2 years ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆29Updated last year
- A 30-day hands-on SOC Analyst project simulating real-world cyber attacks using ELK Stack, Mythic C2, osTicket & Elastic Defend. Covers t…☆30Updated 2 weeks ago
- Generate a matrix based on an inventory of InfoSec tools☆23Updated 11 months ago
- Security Scripts and Sources for daily usage.☆61Updated 2 weeks ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆65Updated 2 months ago
- An automated deployment tool that creates instrumented Azure environments with vulnerable systems for simulating attacks and testing Micr…☆52Updated 3 weeks ago
- ☆13Updated last year
- A self assessment tool to help understand your level in the SANS Vulnerability Management Maturity Model (VMMM).☆39Updated 3 months ago
- Cybether - A modern, open-source Cybersecurity Governance, Risk, and Compliance (GRC) dashboard☆79Updated 3 months ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆57Updated 3 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated last year
- A list of Splunk queries that I've collected and used over time.☆85Updated 4 years ago
- The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆24Updated last month
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆44Updated last year
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆96Updated 7 months ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆53Updated 2 years ago
- Docker Crash Course: How to containerize your favorite security tools☆28Updated 2 years ago
- ☆44Updated last year