Repository for SPEED SIEM Use Case Framework
☆60 · May 2, 2020 · Updated 6 years ago
Alternatives and similar repositories for SPEED-SIEM-Use-Case-Framework
Users that are interested in SPEED-SIEM-Use-Case-Framework are comparing it to the repositories listed below.
- Automated Use Case Testing · ☆172 · May 1, 2018 · Updated 8 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository. · ☆111 · Feb 6, 2020 · Updated 6 years ago
- Files and guides related to using the Elastic Stack as a SIEM · ☆12 · May 16, 2020 · Updated 6 years ago
- CyLR - Live Response Collection Tool · ☆10 · Jul 14, 2020 · Updated 5 years ago
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response · ☆13 · Jul 13, 2020 · Updated 5 years ago
- Incident Response Report Using GitHub-Sphinx · ☆21 · Oct 28, 2019 · Updated 6 years ago
- RID Hijacking Proof of Concept script by Kevin Joyce · ☆15 · Oct 30, 2018 · Updated 7 years ago
- Repository to track community hardware, data and funding. · ☆12 · Apr 8, 2022 · Updated 4 years ago
- A script to create and assign SOP tasks into the cases · ☆20 · Aug 16, 2020 · Updated 5 years ago
- Investigate suspicious activity by visualizing Sysmon's event log · ☆431 · Dec 22, 2023 · Updated 2 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch · ☆19 · May 11, 2021 · Updated 5 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk. · ☆573 · Dec 12, 2021 · Updated 4 years ago
- Some YARA rules I will add from time to time · ☆12 · May 31, 2019 · Updated 7 years ago
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list. · ☆997 · Aug 26, 2024 · Updated last year
- Assists analysts and threat hunters in understanding Windows authentication logs and analyzing brute-force scenarios. · ☆21 · Jul 1, 2023 · Updated 3 years ago
- Security even with a small budget - there is no excuse! · ☆20 · May 24, 2023 · Updated 3 years ago
- Integrate IBM QRadar and RPA to automate security L1 tasks. · ☆14 · May 20, 2022 · Updated 4 years ago
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp… · ☆94 · Mar 2, 2021 · Updated 5 years ago
- Incident Response Plan for all major incidents including cheatsheets for both Linux and Windows · ☆13 · Jun 4, 2020 · Updated 6 years ago
- This library provides Python bindings to interact with the Cylance API. · ☆20 · Mar 20, 2023 · Updated 3 years ago
- SIEM Use Case Selection Methodology · ☆17 · Sep 18, 2020 · Updated 5 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components · ☆53 · Jul 27, 2022 · Updated 3 years ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactics and techniques · ☆437 · May 21, 2026 · Updated last month
- Re-play Security Events · ☆1,776 · Mar 20, 2024 · Updated 2 years ago
- Detection rules to look for Log4J usage and exploitation · ☆18 · Jun 21, 2025 · Updated last year
- Actionable analytics designed to combat threats · ☆1,011 · May 25, 2022 · Updated 4 years ago
- This directory contains random scripts from threat hunting or malware research · ☆11 · Feb 15, 2018 · Updated 8 years ago
- ☆2,632 · Updated this week
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… · ☆4,598 · Jan 12, 2026 · Updated 5 months ago
- The aim of this repository is to provide a list of examples of tools, sources and measures available to incident response teams · ☆64 · Jul 15, 2020 · Updated 5 years ago
- Table Top Exercise (TTX) for Computer Security Incident Response (CSIRT) teams. The templatized artifacts provided will hopefully help te… · ☆44 · Sep 8, 2020 · Updated 5 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs · ☆827 · May 30, 2026 · Updated last month
- A WDAC configuration repository with the sole intention of enriching MDE · ☆30 · Jun 18, 2025 · Updated last year
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK. · ☆355 · Oct 6, 2021 · Updated 4 years ago
- Converts Sigma detection rules to a Splunk alert configuration. · ☆12 · Jul 1, 2021 · Updated 5 years ago
- Examples for the CyCLI PowerShell module · ☆12 · Mar 8, 2019 · Updated 7 years ago
- SIEM Tactics, Techniques, and Procedures · ☆720 · May 14, 2026 · Updated last month
- Collection of Dashboards for Threat Hunting and more! · ☆76 · Oct 17, 2020 · Updated 5 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise · ☆215 · Oct 2, 2020 · Updated 5 years ago