center-for-threat-informed-defense / insider-threat-ttp-kb
The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders in the IT environment. It will establish an Insider Threat TTP Knowledge Base, built upon data collected on insider threat incidents and lessons learned and experience from the ATT&CK knowledge base.
☆144, updated 3 weeks ago
Alternatives and similar repositories for insider-threat-ttp-kb
Users that are interested in insider-threat-ttp-kb are comparing it to the libraries listed below
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques (☆133, updated last year)
- Dettectinator - The Python library to your DeTT&CT YAML files. (☆114, updated 2 months ago)
- OSSEM Detection Model (☆176, updated 2 years ago)
- SIEGMA - Transform Sigma rules into SIEM consumables (☆151, updated 3 months ago)
- 🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as… (☆238, updated last year)
- Rules generated from our investigations. (☆195, updated 2 weeks ago)
- Creating a resource to help build and manage an Insider Threat program. (☆70, updated 4 months ago)
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams. (☆218, updated 2 months ago)
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon (☆205, updated 5 years ago)
- An opensource sigma conversion tool built using pysigma (☆130, updated last week)
- Sigma rules from Joe Security (☆216, updated 7 months ago)
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense… (☆71, updated 3 years ago)
- Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques t… (☆118, updated 3 weeks ago)
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det… (☆50, updated 3 months ago)
- an excel-centric approach for the MITRE ATT&CK® Tactics and Techniques (☆186, updated 3 years ago)
- Pathfinder is a plugin for mapping network vulnerabilities, scanned by CALDERA or imported by a supported network scanner, and translatin… (☆126, updated 2 months ago)
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy. (☆155, updated 4 months ago)
- The Infosec Community Definitive Guide to Jupyter Notebooks (☆122, updated 4 years ago)
- This content is analysis and research of the data sources currently listed in ATT&CK. (☆412, updated last year)
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise (☆64, updated last year)
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactics and techniques (☆369, updated 5 months ago)
- Resources for SANS CTI Summit 2021 presentation (☆103, updated last year)
- A community event for security researchers to share their favorite notebooks (☆107, updated last year)
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… (☆255, updated 3 months ago)
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) (☆185, updated 9 months ago)
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here … (☆71, updated last year)
- Detection Ideas & Rules repository. (☆179, updated 3 years ago)
- A repository of my own Sigma detection rules. (☆160, updated 9 months ago)
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. (☆112, updated 7 months ago)