center-for-threat-informed-defense / insider-threat-ttp-kb
The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It establishes an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and on lessons learned and experience from the ATT&CK knowledge base.
☆146 · Updated 3 months ago
Alternatives and similar repositories for insider-threat-ttp-kb
Users that are interested in insider-threat-ttp-kb are comparing it to the libraries listed below
- ☆98 · Updated 3 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files. ☆117 · Updated 6 months ago
- OSSEM Detection Model ☆180 · Updated 3 years ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques ☆139 · Updated last year
- SIEGMA - Transform Sigma rules into SIEM consumables ☆156 · Updated 7 months ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det… ☆50 · Updated 4 months ago
- Creating a resource to help build and manage an Insider Threat program. ☆99 · Updated 8 months ago
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue… ☆82 · Updated this week
- 🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as… ☆241 · Updated last year
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here … ☆72 · Updated last year
- Sublime rules for email attack detection, prevention, and threat hunting. ☆329 · Updated this week
- Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques t… ☆118 · Updated 4 months ago
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… ☆388 · Updated this week
- Threat Hunting queries for various attacks ☆239 · Updated this week
- Rules generated from our investigations. ☆202 · Updated 4 months ago
- ☆128 · Updated last year
- This content is analysis and research of the data sources currently listed in ATT&CK. ☆411 · Updated 2 years ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon ☆212 · Updated 5 years ago
- This is a collection of threat detection rules / rules engines that I have come across. ☆299 · Updated last year
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. ☆114 · Updated 11 months ago
- Resources To Learn And Understand SIGMA Rules ☆181 · Updated 2 years ago
- The Infosec Community Definitive Guide to Jupyter Notebooks ☆126 · Updated 5 years ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense… ☆73 · Updated 4 years ago
- An open-source Sigma conversion tool built using pySigma ☆141 · Updated last week
- Sigma rules from Joe Security ☆223 · Updated 11 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆267 · Updated 7 months ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise ☆66 · Updated last year
- An Excel-centric approach for the MITRE ATT&CK® Tactics and Techniques ☆189 · Updated 3 years ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) ☆219 · Updated last year
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆163 · Updated 7 months ago