cisagov / shareable-soar-workflows
This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Response capabilities within their organizations.
☆74Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for shareable-soar-workflows
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆97Updated this week
- ☆66Updated 3 months ago
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆58Updated this week
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆45Updated 5 months ago
- ☆87Updated 2 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆104Updated 2 weeks ago
- A web application for generating, parsing and validating, manipulating, and visualizing CACAO v2.0 playbooks.☆24Updated 8 months ago
- MISP-STIX-Converter - Python library to handle the conversion between MISP and STIX formats☆50Updated this week
- The FASTEST way to consume threat intel.☆64Updated last year
- STIX2 graph visualisation library in JS☆85Updated this week
- A community event for security researchers to share their favorite notebooks☆106Updated 9 months ago
- ☆41Updated 2 years ago
- A curated repository of incident response playbooks☆63Updated last year
- The Infosec Community Definitive Guide to Jupyter Notebooks☆115Updated 4 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆141Updated last year
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆138Updated 2 months ago
- A tool that allows you to document and assess any security automation in your SOC☆41Updated 3 weeks ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆116Updated 11 months ago
- ☆27Updated 3 years ago
- A collection of tips for using MISP.☆74Updated 7 months ago
- This repository holds the necessary content to produce the D3FEND ontology distribution.☆59Updated 2 weeks ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆123Updated 8 months ago
- Swagger/ OpenAPI specifications for security products and services☆73Updated last month
- Resources for SANS CTI Summit 2021 presentation☆102Updated last year
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆42Updated 2 weeks ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆204Updated last year
- Public static website for the D3FEND project. For the D3FEND ontology repo see: https://github.com/d3fend/d3fend-ontology☆72Updated 3 weeks ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆182Updated this week
- ☆83Updated 3 months ago
- Notes on managing and coordinating the response to major cyber incidents☆39Updated 4 years ago