Alternatives and similar repositories for cbn-tool

Users that are interested in cbn-tool are comparing it to the libraries listed below

• chronicle / ingestion-scripts
  ☆32Updated 2 months ago
• chronicle / cli
  A CLI tool for managing Chronicle user workflows
  ☆18Updated last year
• chronicle / api-samples-python
  Python samples and utilities for Chronicle APIs
  ☆83Updated this week
• PacktPublishing / Automating-Security-Detection-Engineering
  Automating Security Detection Engineering, published by Packt
  ☆54Updated 7 months ago
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆67Updated last year
• center-for-threat-informed-defense / cloud-analytics
  Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…
  ☆53Updated 2 years ago
• OTRF / infosec-jupyter-book
  The Infosec Community Definitive Guide to Jupyter Notebooks
  ☆121Updated 4 years ago
• amalone341 / YARA-L-Work
  Collection of detection rules written in YARA-L.
  ☆24Updated last year
• center-for-threat-informed-defense / summiting-the-pyramid
  Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…
  ☆41Updated 3 weeks ago
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆57Updated 3 years ago
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆112Updated 6 months ago
• msraju / Incident-Response-Playbooks
  ☆44Updated 2 years ago
• chronicle / detection-rules
  Collection of example YARA-L rules for use within Google Security Operations
  ☆403Updated this week
• PacktPublishing / Practical-Threat-Detection-Engineering
  Practical Threat Detection Engineering, Published by Packt
  ☆71Updated last year
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77Updated last year
• k-bailey / detection-engineering-maturity-matrix
  ☆95Updated 2 years ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆46Updated 7 months ago
• OTRF / infosec-jupyterthon
  A community event for security researchers to share their favorite notebooks
  ☆107Updated last year
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆81Updated last year
• mbabinski / Sigma-Rules
  A repository of my own Sigma detection rules.
  ☆160Updated 8 months ago
• west-wind / Threat-Hunting-With-Splunk
  Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
  ☆63Updated last year
• dlcowen / sansfor509
  Public script from SANS FOR509 Enterprise Cloud Incident Response
  ☆201Updated 8 months ago
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆74Updated last year
• StrangeBeeCorp / thehive-templates
  ☆26Updated 2 months ago
• shauntdergrigorian / splunkqueries
  A list of Splunk queries that I've collected and used over time.
  ☆83Updated 4 years ago
• CyberConTraining / DDTTX
  DDTTX Tabletop Trainings
  ☆28Updated 3 years ago
• OTRF / GenAI-Security-Adventures
  ☆104Updated last year
• muchdogesec / txt2stix
  Extracts IoCs, TTPs and the relationships between them. Outputs a STIX 2.1 bundle.
  ☆57Updated this week
• bluemountaincyber / building-detections-aws
  ☆15Updated 2 years ago
• goog-cmmartin / thatsiemguy
  Content related to medium.com/@thatsiemguy
  ☆14Updated 2 weeks ago