chronicle / cli
A CLI tool for managing Chronicle user workflows
☆14, updated 4 months ago
Related projects:
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we… (☆51, updated last year)
- Python samples and utilities for Chronicle APIs (☆76, updated this week)
- Command line tool to interact with Chronicle's Config Based Normalizer (CBN) APIs. (☆27, updated last year)
- Automating Security Detection Engineering, published by Packt (☆42, updated 3 months ago)
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte… (☆69, updated last week)
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac… (☆84, updated last year)
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk. (☆49, updated 2 years ago)
- Collection of Jupyter Notebooks by @fr0gger_ (☆139, updated 2 weeks ago)
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. (☆93, updated 6 months ago)
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det… (☆45, updated 3 months ago)
- Synthetic Adversarial Log Objects: A Framework for synthetic log generation (☆76, updated 8 months ago)
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise (☆55, updated 4 months ago)
- Anvilogic Forge (☆80, updated this week)
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… (☆24, updated 9 months ago)
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) (☆29, updated 8 months ago)
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique (☆64, updated 6 months ago)
- ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge). (☆84, updated last week)
- A guide to simplify the process of evaluating Datadog's Cloud SIEM security capabilities to detect AWS threats. (☆15, updated last year)
- A POC to implement Detection-as-Code with Terraform and Sumo Logic. (☆25, updated last year)
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o… (☆82, updated 8 months ago)
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v… (☆15, updated 4 months ago)
- A tool that allows you to document and assess any security automation in your SOC (☆40, updated 4 months ago)
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation (☆65, updated last month)
- Pocket guide for core detection engineering concepts (☆27, updated last year)
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… (☆40, updated last week)