center-for-threat-informed-defense / defending-ot-with-attack
Defending OT with ATT&CK provides a customized threat collection tailored to the attack surface and threat model of operational technology environments.
☆11Updated 2 months ago
Related projects ⓘ
Alternatives and complementary repositories for defending-ot-with-attack
- ICS Security Labs☆34Updated 3 years ago
- ☆43Updated 3 weeks ago
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆23Updated 2 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated last week
- A collection of various SIEM rules relating to malware family groups.☆61Updated 4 months ago
- A collection of tips for using MISP.☆74Updated 7 months ago
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense☆74Updated 10 months ago
- An assessment tool to interact with Velocio PLCs☆13Updated 3 years ago
- A risk rating calculation methodology that uses the OWASP Risk Rating Methodology as a basis.☆27Updated 2 months ago
- A dataset containing Office 365 Unified Audit Logs for security research and detection☆48Updated 2 years ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆38Updated 6 months ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆34Updated 2 years ago
- ICS/OT related Wireshark profiles + adding some other (IT or OT related) Open Source Wireshark Profiles☆16Updated this week
- Operational Technology Cyber Attack Database☆44Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆50Updated 2 weeks ago
- User Feedback Space of #MitreAssistant☆37Updated last year
- The ICS Advisory Project is an open-source project to provide DHS CISA ICS Advisories data in Comma Separated Value (CSV) format to suppo…☆71Updated this week
- Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General☆23Updated 2 years ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆51Updated 2 weeks ago
- ☆28Updated 3 years ago
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…☆44Updated 7 months ago
- Jupyter Univere is a search engine for all infosec jupyter notebooks☆19Updated 3 months ago
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆22Updated 2 months ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆47Updated last year
- Practical Threat Detection Engineering, Published by Packt☆58Updated last year
- ☆13Updated 2 years ago
- ☆66Updated 2 months ago
- Cyber Defence related kusto queries for use in Azure Sentinel and Defender advanced hunting☆57Updated 2 weeks ago