Repository for SPEED SIEM Use Case Framework
☆60May 2, 2020Updated 5 years ago
Alternatives and similar repositories for SPEED-SIEM-Use-Case-Framework
Users that are interested in SPEED-SIEM-Use-Case-Framework are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Automated Use Case Testing☆171May 1, 2018Updated 7 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆111Feb 6, 2020Updated 6 years ago
- FIles and guides related to using Elasticstack as a SIEM☆12May 16, 2020Updated 5 years ago
- CyLR - Live Response Collection Tool☆10Jul 14, 2020Updated 5 years ago
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Jul 13, 2020Updated 5 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Incident Response Report Using GitHub-Sphinx☆21Oct 28, 2019Updated 6 years ago
- RID Hijacking Proof of Concept script by Kevin Joyce☆15Oct 30, 2018Updated 7 years ago
- Repository to track community hardware, data and funding.☆12Apr 8, 2022Updated 4 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆431Dec 22, 2023Updated 2 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19May 11, 2021Updated 4 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆572Dec 12, 2021Updated 4 years ago
- Some YARA rules i will add from time to time☆12May 31, 2019Updated 6 years ago
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.☆984Aug 26, 2024Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆21Jul 1, 2023Updated 2 years ago
- Security even with a small budget - there is no excuse!☆20May 24, 2023Updated 2 years ago
- Integrate IBM QRadar and RPA to automate security L1 tasks.☆14May 20, 2022Updated 3 years ago
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…☆92Mar 2, 2021Updated 5 years ago
- Incident Response Plan for all major incidents including cheatsheets for both linux and windows☆13Jun 4, 2020Updated 5 years ago
- This Library provides python bindings to interact with the Cylance API.☆20Mar 20, 2023Updated 3 years ago
- SIEM USE Case Selection Methodology☆17Sep 18, 2020Updated 5 years ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆422Nov 8, 2025Updated 5 months ago
- Re-play Security Events☆1,734Mar 20, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Detection rules to look for Log4J usage and exploitation☆18Jun 21, 2025Updated 9 months ago
- Actionable analytics designed to combat threats☆1,006May 25, 2022Updated 3 years ago
- ☆2,546Updated this week
- This directory contains random scripts from threat hunting or malware research☆11Feb 15, 2018Updated 8 years ago
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,526Jan 12, 2026Updated 3 months ago
- The aim of this repository is to provide a list of examples of tools, sources and measures available to incident response teams☆64Jul 15, 2020Updated 5 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆801Apr 6, 2026Updated last week
- Table Top Exercise (TTX) for Computer Security Incident Response (CSIRT) teams. The templatized artifacts provided will hopefully help te…☆44Sep 8, 2020Updated 5 years ago
- A WDAC configuration repository with the sole intention of enriching MDE☆30Jun 18, 2025Updated 9 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆354Oct 6, 2021Updated 4 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Examples for the CyCLI Powershell module☆12Mar 8, 2019Updated 7 years ago
- SIEM Tactics, Techiques, and Procedures☆707Apr 8, 2026Updated last week
- Collection of Dashboards for Threat Hunting and more!☆74Oct 17, 2020Updated 5 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise☆212Oct 2, 2020Updated 5 years ago
- A collection of Cortex Analyzers and Responders for TheHive/Cortex☆13Jan 29, 2020Updated 6 years ago