bluemountaincyber / building-detections-aws
☆15, updated last year
Related projects:
- ☆83, updated 2 years ago
- ☆40, updated last year
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. ☆93, updated 6 months ago
- ☆13, updated 7 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation. ☆75, updated 4 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. ☆58, updated 4 months ago
- Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Che… ☆10, updated last month
- ☆12, updated last year
- ☆24, updated 10 months ago
- Conference presentations. ☆45, updated 11 months ago
- SPL cheatsheet for Splunk. ☆20, updated last year
- Docker Crash Course: How to containerize your favorite security tools. ☆27, updated last year
- Public script from SANS FOR509 Enterprise Cloud Incident Response. ☆170, updated last week
- This repository contains Splunk queries to hunt some anomalies. ☆38, updated 2 years ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we… ☆51, updated last year
- ☆14, updated 3 months ago
- A list of Splunk queries that I've collected and used over time. ☆70, updated 3 years ago
- Distribution of the SANS SEC504 Windows Cheat Sheet Lab. ☆64, updated 4 years ago
- A tool that allows you to document and assess any security automation in your SOC. ☆40, updated 4 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements. ☆113, updated 9 months ago
- Generate Indexes from SANS PDFs. ☆15, updated 3 months ago
- Dashboard for conducting Backdoors and Breaches sessions over Zoom. ☆53, updated 2 months ago
- Automating Security Detection Engineering, published by Packt. ☆42, updated 3 months ago
- Serverless AWS application to upload and hash evidence files. ☆19, updated last year
- This repository is a comprehensive collection of resources, documentation, apps, and add-ons related to Splunk, a powerful data analytics… ☆20, updated this week
- ☆20, updated last year
- ☆41, updated 3 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise. ☆55, updated 4 months ago
- A port of BHIS's Backdoors & Breaches for playingcards.io. ☆59, updated last year
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense. ☆68, updated 9 months ago