Repository for SPEED SIEM Use Case Framework
☆60May 2, 2020Updated 5 years ago
Alternatives and similar repositories for SPEED-SIEM-Use-Case-Framework
Users that are interested in SPEED-SIEM-Use-Case-Framework are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Automated Use Case Testing☆171May 1, 2018Updated 7 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆111Feb 6, 2020Updated 6 years ago
- FIles and guides related to using Elasticstack as a SIEM☆12May 16, 2020Updated 5 years ago
- CyLR - Live Response Collection Tool☆10Jul 14, 2020Updated 5 years ago
- TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response☆13Jul 13, 2020Updated 5 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Incident Response Report Using GitHub-Sphinx☆20Oct 28, 2019Updated 6 years ago
- RID Hijacking Proof of Concept script by Kevin Joyce☆15Oct 30, 2018Updated 7 years ago
- Repository to track community hardware, data and funding.☆12Apr 8, 2022Updated 3 years ago
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- Investigate suspicious activity by visualizing Sysmon's event log☆430Dec 22, 2023Updated 2 years ago
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch☆19May 11, 2021Updated 4 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆573Dec 12, 2021Updated 4 years ago
- Some YARA rules i will add from time to time☆12May 31, 2019Updated 6 years ago
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.☆981Aug 26, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.☆21Jul 1, 2023Updated 2 years ago
- Security even with a small budget - there is no excuse!☆20May 24, 2023Updated 2 years ago
- Integrate IBM QRadar and RPA to automate security L1 tasks.☆14May 20, 2022Updated 3 years ago
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…☆92Mar 2, 2021Updated 5 years ago
- Incident Response Plan for all major incidents including cheatsheets for both linux and windows☆13Jun 4, 2020Updated 5 years ago
- This Library provides python bindings to interact with the Cylance API.☆20Mar 20, 2023Updated 3 years ago
- SIEM USE Case Selection Methodology☆17Sep 18, 2020Updated 5 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆53Jul 27, 2022Updated 3 years ago
- Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques☆417Nov 8, 2025Updated 4 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Re-play Security Events☆1,729Mar 20, 2024Updated 2 years ago
- Detection rules to look for Log4J usage and exploitation☆18Jun 21, 2025Updated 9 months ago
- Actionable analytics designed to combat threats☆1,005May 25, 2022Updated 3 years ago
- ☆2,525Updated this week
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…☆4,508Jan 12, 2026Updated 2 months ago
- This directory contains random scripts from threat hunting or malware research☆11Feb 15, 2018Updated 8 years ago
- The aim of this repository is to provide a list of examples of tools, sources and measures available to incident response teams☆64Jul 15, 2020Updated 5 years ago
- A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs☆791Mar 14, 2026Updated last week
- Table Top Exercise (TTX) for Computer Security Incident Response (CSIRT) teams. The templatized artifacts provided will hopefully help te…☆44Sep 8, 2020Updated 5 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A WDAC configuration repository with the sole intention of enriching MDE☆30Jun 18, 2025Updated 9 months ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆354Oct 6, 2021Updated 4 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Examples for the CyCLI Powershell module☆12Mar 8, 2019Updated 7 years ago
- SIEM Tactics, Techiques, and Procedures☆704Updated this week
- Collection of Dashboards for Threat Hunting and more!☆74Oct 17, 2020Updated 5 years ago
- Data from a BRAWL Automated Adversary Emulation Exercise☆212Oct 2, 2020Updated 5 years ago