bluemountaincyber / building-detections-aws

Related projects: ⓘ

• k-bailey / detection-engineering-maturity-matrix
  ☆83Updated 2 years ago
• msraju / Incident-Response-Playbooks
  ☆40Updated last year
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆93Updated 6 months ago
• bluemountaincyber / building-detections-azure
  ☆13Updated 7 months ago
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆75Updated 4 months ago
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆58Updated 4 months ago
• iknowjason / CMLab
  Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Che…
  ☆10Updated last month
• bluemountaincyber / avoiding-data-disasters
  ☆12Updated last year
• secnnet / Splunk-Search-Queries
  ☆24Updated 10 months ago
• malwarejake-public / conference-presentations
  Conference presentations
  ☆45Updated 11 months ago
• christian-taillon / splunk-spl
  SPL cheatsheet for Splunk.
  ☆20Updated last year
• Resistor52 / DockerCrashCourse
  Docker Crash Course: How to containerize your favorite security tools
  ☆27Updated last year
• dlcowen / sansfor509
  Public script from SANS FOR509 Enterprise Cloud Incident Response
  ☆170Updated last week
• signorrayan / SplunkThreatHunting
  This repository contains Splunk queries to hunt some anomalies
  ☆38Updated 2 years ago
• center-for-threat-informed-defense / cloud-analytics
  Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…
  ☆51Updated last year
• alatif113 / mitre_attck_heatmap
  ☆14Updated 3 months ago
• shauntdergrigorian / splunkqueries
  A list of Splunk queries that I've collected and used over time.
  ☆70Updated 3 years ago
• MarkBaggett / 504lab
  Distribution of the SANS SEC504 Windows Cheat Sheet Lab
  ☆64Updated 4 years ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆40Updated 4 months ago
• redhat-infosec / priority-intelligence-requirements-dev
  This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements
  ☆113Updated 9 months ago
• LucasFaudman / sans-index-generator
  Generate Indexes from SANS PDFs
  ☆15Updated 3 months ago
• blackhillsinfosec / play.backdoorsandbreaches.com
  Dashboard for conducting Backdoors and Breaches sessions over Zoom.
  ☆53Updated 2 months ago
• PacktPublishing / Automating-Security-Detection-Engineering
  Automating Security Detection Engineering, published by Packt
  ☆42Updated 3 months ago
• bluemountaincyber / evidence-app
  Serverless AWS application to upload and hash evidence files.
  ☆19Updated last year
• MrM8BRH / Splunk
  This repository is a comprehensive collection of resources, documentation, apps, and add-ons related to Splunk, a powerful data analytics…
  ☆20Updated this week
• StrangeBeeCorp / thehive-templates
  ☆20Updated last year
• megan201296 / gsuite-dfir
  ☆41Updated 3 years ago
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆55Updated 4 months ago
• FirmGuardian / backdoors-and-breaches-pcio
  A port of BHIS's Backdoors & Breaches for playingcards.io
  ☆59Updated last year
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆68Updated 9 months ago