Alternatives and similar repositories for osquery-defense-kit

Users that are interested in osquery-defense-kit are comparing it to the libraries listed below

• DataDog / threatest
  Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
  ☆332Updated 4 months ago
• panther-labs / panther-analysis
  Built-in Panther detection rules and policies
  ☆417Updated this week
• elastic / dorothy
  Dorothy is a tool to test security monitoring and detection for Okta environments
  ☆186Updated last year
• threathunters-io / laurel
  Transform Linux Audit logs for SIEM usage
  ☆782Updated 2 weeks ago
• FoxIO-LLC / LogSlash
  A standard for reducing log volume without sacrificing analytical capability
  ☆209Updated 6 months ago
• google / cloud-forensics-utils
  Python library to carry out DFIR analysis on the Cloud
  ☆485Updated last month
• ocsf / ocsf-schema
  OCSF Schema
  ☆718Updated 2 weeks ago
• cado-security / varc
  Volatile Artifact Collector collects a snapshot of volatile data from a system. It tells you what is happening on a system, and is of par…
  ☆256Updated 9 months ago
• 0x4D31 / detection-and-response-pipeline
  ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …
  ☆283Updated last year
• SecurityBrewery / catalyst
  ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident…
  ☆424Updated last month
• facebookincubator / TTPForge
  The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).
  ☆394Updated this week
• atc-project / atc-react
  A knowledge base of actionable Incident Response techniques
  ☆648Updated 3 years ago
• jmpsec / osctrl
  Fast and efficient osquery management
  ☆460Updated this week
• jatrost / awesome-detection-rules
  This is a collection of threat detection rules / rules engines that I have come across.
  ☆296Updated last year
• jamf / aftermath
  Aftermath is a free macOS IR framework
  ☆535Updated last week
• jatrost / awesome-kubernetes-threat-detection
  A curated list of resources about detecting threats and defending Kubernetes systems.
  ☆392Updated last year
• threatcl / threatcl
  Documenting your Threat Models with HCL
  ☆433Updated 3 months ago
• brexhq / substation
  Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.
  ☆378Updated 3 weeks ago
• chronicle / detection-rules
  Collection of example YARA-L rules for use within Google Security Operations
  ☆432Updated 3 weeks ago
• Permiso-io-tools / CloudGrappler
  ☆261Updated 9 months ago
• palantir / osquery-configuration
  A repository for using osquery for incident detection and response
  ☆860Updated 3 years ago
• sublime-security / sublime-platform
  A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr…
  ☆226Updated last week
• google / dfiq
  DFIQ is a collection of investigative questions and the approaches for answering them
  ☆291Updated 7 months ago
• sttor / awesome-osquery
  Osquery Resources
  ☆62Updated 6 years ago
• hashicorp-forge / grove
  A Software as a Service (SaaS) log collection framework.
  ☆177Updated last week
• target / strelka
  Real-time, container-based file scanning at enterprise scale
  ☆942Updated last month
• cisagov / crossfeed
  External monitoring for organization assets
  ☆411Updated last year
• sublime-security / sublime-rules
  Sublime rules for email attack detection, prevention, and threat hunting.
  ☆324Updated this week
• guardsight / gsvsoc_cirt-playbook-battle-cards
  Cyber Incident Response Team Playbook Battle Cards
  ☆409Updated last year
• ocsf / ocsf-docs
  OCSF Documentation
  ☆139Updated 2 months ago