Alternatives and similar repositories for Corelight-Ansible-Roles

Users that are interested in Corelight-Ansible-Roles are comparing it to the libraries listed below

• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 4 years ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆54Updated 2 weeks ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 5 years ago
• Alir3z4 / ansible-suricata
  An Ansible playbook for deploying the Suricata intrusion detection system and fetching Snort rules with Oinkmaster.
  ☆16Updated 3 years ago
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated last year
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated this week
• harvard-itsecurity / qradar-seculert-push
  Push "BAD" IPs/Networks into QRadar's "Remote Networks", tag them properly, and use them!
  ☆18Updated 11 years ago
• StamusNetworks / KTS6
  Kibana 6 Templates for Suricata IDPS Threat Hunting
  ☆24Updated 6 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• blookot / rsa2elk
  Converts Netwitness log parser configuration to Logstash configuration
  ☆20Updated 4 years ago
• mitre / mitre-saf
  Landing Page Content/Builder for MITRE Security Automation Framework
  ☆29Updated last week
• juju4 / ansible-zeek
  setup zeek, previously Bro IDS
  ☆18Updated last month
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated 2 years ago
• atc-project / atc-mitigation
  Actionable analytics designed to combat threats based on MITRE's ATT&CK.
  ☆22Updated 5 years ago
• sealingtech / EDCOP
  Expandable Defensive Cyber Operations Platform
  ☆43Updated 2 years ago
• Truvis / Splunk_TA_Truvis_Suricata5
  This TA takes Suricata5 data from your port mirrored Suricata server and makes it readable within Splunk. See Cheatsheets on how to setup…
  ☆15Updated 4 years ago
• philhagen / timeshift
  A python script to shift the timestamp on syslog data. Useful for forensicators combating time skew.
  ☆21Updated 3 years ago
• PaloAltoNetworks / minemeld-ansible
  Ansible playbook for installing MineMeld on Linux
  ☆48Updated 4 years ago
• wazuh / wazuh-splunk
  Wazuh - Splunk App
  ☆55Updated 9 months ago
• gyrospectre / squyre
  Security Alert Decoration
  ☆27Updated last month
• CptOfEvilMinions / ChooseYourSIEMAdventure
  ☆18Updated 3 years ago
• mitre / redhat-enterprise-linux-7-stig-baseline
  InSpec profile to validate the secure configuration of Red Hat Enterprise Linux 7, against DISA's Red Hat Enterprise Linux 7 Security Tec…
  ☆14Updated 5 months ago
• HASecuritySolutions / TacticalDataHandlingatScalewithLogstash
  Contains log samples and configuration files for the Tactical Data Handling at Scale with Logstash course
  ☆10Updated 5 years ago
• corelight / json-streaming-logs
  Bro script package to create JSON formatted logs to stream into data analysis systems.
  ☆28Updated last year
• CyberSift / OSQUERY-PACKS
  Osquery Packs we use for customer security hardening
  ☆12Updated 8 months ago
• ComplianceAsCode / oscal
  OSCAL SSP content for technologies shipped by Red Hat
  ☆15Updated 2 years ago
• sttor / osquery-wazuh-response
  Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug
  ☆10Updated 5 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆23Updated 2 years ago
• teamdfir / sift-packer-legacy
  Packer.io Scripts to build the SIFT VM(s)
  ☆11Updated 4 years ago
• PaloAltoNetworks / minemeld-misp
  MineMeld nodes for MISP
  ☆19Updated last year