Alternatives and similar repositories for corelight-client

Users that are interested in corelight-client are comparing it to the libraries listed below

• corelight / zeek-long-connections
  Zeek package for tracking long connections to report them before they have completed.
  ☆30Updated 4 months ago
• tiburon-security / sriracha-iq
  Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa…
  ☆18Updated 5 years ago
• corelight / json-streaming-logs
  Bro script package to create JSON formatted logs to stream into data analysis systems.
  ☆28Updated last year
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated last month
• karthikkbala / MISP-QRadar-Integration
  The Project can be used to integrate QRadar with MISP Threat Sharing Platform
  ☆39Updated 3 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• Security-Onion-Solutions / securityonion-docker
  Docker files for Security Onion
  ☆41Updated 4 years ago
• sttor / osquery-wazuh-response
  Active Response plugin. Osquery to execute wazuh/ossec active response plugins. You can write your own plugins, easy to plug
  ☆10Updated 4 years ago
• MISP / best-practices-in-threat-intelligence
  Best practices in threat intelligence
  ☆47Updated 2 years ago
• corelight / Corelight-Ansible-Roles
  Corelight-Ansible-Roles are a collection of Ansible Roles and playbooks that install, configure, run and manage a variety of Corelight, S…
  ☆16Updated 3 years ago
• cisagov / pe-reports
  Automated process to build and distribute Posture & Exposure Reports' bi-weekly to customers.
  ☆17Updated last year
• 0xl3x1 / zeek-EternalSafety
  Zeek package for detecting the Eternal* exploits and a set of SMBv1 protocol violations.
  ☆19Updated 3 years ago
• Cyb3rWard0g / infosec-well-done
  A few quick recipes for those that do not have much time during the day
  ☆22Updated 7 months ago
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated last year
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 5 years ago
• autostructure / secure_windows
  Puppet module that hardens Windows Server to DoD STIG compliance
  ☆14Updated 5 years ago
• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 4 years ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated 4 months ago
• HKcyberstark / Vuln_Mod
  Vulnerability Assessment Module - OpenVas with Elastic stack using VulnWhisperer
  ☆19Updated 5 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆23Updated 2 years ago
• zeek / zeek-agent-framework
  This project is no longer maintained. There's a successor at https://github.com/zeek-packages/zeek-agent-v2
  ☆14Updated 4 years ago
• w8mej / ThreatPlays
  Sharing Threat Hunting runbooks
  ☆25Updated 5 years ago
• toniblyx / SANSCloudSecuritySummit2018
  Materials used and mentioned during my talk at SANS Cloud Security Summit 2018 in San Diego
  ☆23Updated 7 years ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• tenzir / zeek-tenzir
  Enables Zeek to communicate with Tenzir
  ☆11Updated last year
• zeek / zeek-docs
  Documentation for Zeek
  ☆50Updated this week
• opencybersecurityalliance / kestrel-jupyter
  Kestrel Jupyter Notebook Kernel
  ☆9Updated last year
• OTRF / openhunt
  ☆34Updated 3 years ago
• jsiwek / bro_vetting
  Bro scripts to monitor for new hosts within a subnet range that aren't whitelisted/vetted.
  ☆13Updated 11 years ago