center-for-threat-informed-defense / defending-ot-with-attack
Defending OT with ATT&CK provides a customized threat collection tailored to the attack surface and threat model of operational technology environments.
☆11Updated 2 months ago
Related projects ⓘ
Alternatives and complementary repositories for defending-ot-with-attack
- This project aims to bridge the gap between Microsoft Attack Surface Reduction (ASR) rules and MITRE ATT&CK by mapping ASR rules to their…☆23Updated this week
- A collection of reports and case studies to understand the threat landscape for UK critical infrastructure☆38Updated 9 months ago
- ICS Security Labs☆34Updated 3 years ago
- This Repository gives the best and possible strategies against hunting the ransomware☆24Updated 2 years ago
- ☆43Updated last month
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense☆75Updated 11 months ago
- ☆66Updated 3 months ago
- User Feedback Space of #MitreAssistant☆37Updated last year
- Sigma detection rules for hunting with the threathunting-keywords project☆47Updated 2 weeks ago
- A repository to help CTI teams tackle the challenges around collection and research by providing guidance from experienced practitioners☆59Updated 3 weeks ago
- Operational Technology Cyber Attack Database☆44Updated 2 years ago
- The ICS Advisory Project is an open-source project to provide DHS CISA ICS Advisories data in Comma Separated Value (CSV) format to suppo…☆72Updated this week
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆75Updated 6 months ago
- Conference presentations☆47Updated last year
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents☆38Updated 6 months ago
- ☆41Updated 2 years ago
- This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team☆15Updated last month
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆52Updated 3 weeks ago
- A repository for tracking events related to the MOVEit Transfer Cl0p Campaign☆67Updated last year
- Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General☆23Updated 2 years ago
- Documentation and guidance to practice secure coding for various PLC vendors☆34Updated last year
- ☆48Updated last year
- ☆28Updated 4 years ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆27Updated last month
- A collection of tips for using MISP.☆74Updated 7 months ago
- My Jupyter Notebooks☆36Updated 7 months ago
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆22Updated 3 months ago
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.☆34Updated 2 years ago
- Repository where I hold random detection and threat hunting queries that I come up with based on different sources of information (or eve…☆38Updated 2 weeks ago