center-for-threat-informed-defense / cloud-analytics
Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as well as a blueprint for how others can create and use cloud analytics effectively.
☆54 Apr 25, 2023 Updated 2 years ago
Alternatives and similar repositories for cloud-analytics
Users that are interested in cloud-analytics are comparing it to the libraries listed below
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt… ☆17 Jun 11, 2024 Updated last year
- Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud ☆362 Jun 12, 2024 Updated last year
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k… ☆389 Apr 3, 2024 Updated last year
- This is a collection of threat detection rules / rules engines that I have come across. ☆296 May 5, 2024 Updated last year
- ☆23 Nov 13, 2021 Updated 4 years ago
- CRACK AND CHECK HASH TYPES IN BULK ☆13 Jul 28, 2021 Updated 4 years ago
- [DEPRECATED] An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This r… ☆13 Aug 16, 2023 Updated 2 years ago
- ☆11 Apr 22, 2022 Updated 3 years ago
- ☆13 Oct 29, 2024 Updated last year
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… ☆53 Feb 6, 2026 Updated last week
- Adversary Emulation Planner ☆42 Jan 9, 2026 Updated last month
- Tweets when new GCP IAM updates are found ☆12 Updated this week
- Jekyll Files for cloudsecwiki.com ☆49 Sep 16, 2021 Updated 4 years ago
- Example of a serverless web reconnaissance workflow's AWS architecture. ☆11 Feb 25, 2023 Updated 2 years ago
- Provides an advanced baseline to implement a secure Windows auditing strategy on Windows OS. ☆60 Jun 9, 2025 Updated 8 months ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo… ☆51 Aug 15, 2019 Updated 6 years ago
- Public release of Whalehoney Honeypot ☆29 Mar 21, 2022 Updated 3 years ago
- A Canary which fires when uninstalled ☆34 Mar 16, 2021 Updated 4 years ago
- A CLI wrapper for libmodsecurity (v3.0.10) ☆13 Nov 22, 2023 Updated 2 years ago
- Pythonize Intruder Payload ☆13 Dec 15, 2020 Updated 5 years ago
- PoC for extracting office files into PDF file metadata ☆11 Sep 11, 2019 Updated 6 years ago
- ☆20 Feb 6, 2024 Updated 2 years ago
- A PowerShell script to prevent Sysmon from writing its events ☆16 Apr 23, 2020 Updated 5 years ago
- example workbook for Azure cost Management ☆16 Nov 17, 2021 Updated 4 years ago
- Simple tmux session management. ☆16 Dec 16, 2023 Updated 2 years ago
- ☆18 Sep 14, 2023 Updated 2 years ago
- Kibana app for RedELK ☆18 Mar 19, 2023 Updated 2 years ago
- Cloud Security Posture security policies ☆32 Nov 28, 2025 Updated 2 months ago
- OSSEM Modular ☆27 Jun 29, 2020 Updated 5 years ago
- Reproducible and extensible BloodHound playbooks ☆44 Jan 20, 2020 Updated 6 years ago
- ☆17 May 17, 2023 Updated 2 years ago
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v… ☆24 Dec 5, 2025 Updated 2 months ago
- Repository to archive GCP Documentation for local use ☆16 Feb 11, 2025 Updated last year
- A guide to simplify the process of evaluating Datadog's Cloud SIEM security capabilities to detect AWS threats.