Security Monitoring Resolution Categories
☆138 · Nov 25, 2021 · updated 4 years ago
Alternatives and similar repositories for Use_Case_Applicability
Users that are interested in Use_Case_Applicability are comparing it to the libraries listed below
- The Intelligent Process Lifecycle of Active Cyber Defenders (☆33 · Jan 1, 2023 · updated 3 years ago)
- EventList (☆377 · Mar 21, 2021 · updated 5 years ago)
- (no description) (☆14 · May 30, 2018 · updated 7 years ago)
- References for FIRST CTI 2019 Symposium presentation (☆23 · Mar 19, 2019 · updated 7 years ago)
- A script to create and assign SOP tasks into the cases (☆20 · Aug 16, 2020 · updated 5 years ago)
- Detect Tactics, Techniques & Combat Threats (☆2,268 · Jan 21, 2026 · updated 2 months ago)
- A Splunk Technology Add-on to forward filtered ETW events (☆30 · Oct 14, 2020 · updated 5 years ago)
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository (☆111 · Feb 6, 2020 · updated 6 years ago)
- Elasticsearch/Kibana environment and log data for Sigma workshop (☆26 · Dec 20, 2019 · updated 6 years ago)
- Actionable analytics designed to combat threats (☆1,005 · May 25, 2022 · updated 3 years ago)
- Misc Threat Hunting Resources (☆377 · Jan 26, 2023 · updated 3 years ago)
- (no description) (☆34 · Aug 8, 2023 · updated 2 years ago)
- Open source information security policies (☆16 · Jan 25, 2021 · updated 5 years ago)
- A Splunk app to use MISP in background (☆112 · Jan 8, 2026 · updated 2 months ago)
- Questions to ask about the team and company when you're interviewing for a CISO position (☆15 · Oct 19, 2021 · updated 4 years ago)
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders (☆1,062 · Oct 5, 2023 · updated 2 years ago)
- ATT&CK Remote Threat Hunting Incident Response (☆206 · Dec 8, 2024 · updated last year)
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to … (☆27 · Jul 13, 2022 · updated 3 years ago)
- Open Source Security Events Metadata (OSSEM) (☆1,289 · Feb 27, 2023 · updated 3 years ago)
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch) (☆19 · Jun 2, 2021 · updated 4 years ago)
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases (☆45 · Aug 17, 2020 · updated 5 years ago)
- Atomic Red Team Simple Parser (☆13 · Sep 21, 2018 · updated 7 years ago)
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed (☆20 · May 25, 2022 · updated 3 years ago)
- A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework (☆356 · Nov 3, 2020 · updated 5 years ago)
- A framework for developing alerting and detection strategies for incident response (☆852 · Sep 8, 2025 · updated 6 months ago)
- DFIRTrack - The Incident Response Tracking Application (☆534 · Jan 13, 2026 · updated 2 months ago)
- intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu… (☆41 · Mar 17, 2019 · updated 7 years ago)
- Incident Response Methodologies (☆1,018 · Aug 2, 2018 · updated 7 years ago)
- Import AbuseCH IOC Feeds into MISP (☆12 · Feb 17, 2021 · updated 5 years ago)
- All-in-one bundle of MISP, TheHive and Cortex (☆170 · Sep 27, 2022 · updated 3 years ago)
- Detection Ideas & Rules repository (☆178 · Sep 10, 2021 · updated 4 years ago)
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon (☆938 · Dec 12, 2023 · updated 2 years ago)
- Utilities for MITRE™ ATT&CK (☆1,050 · Jan 3, 2026 · updated 2 months ago)
- Defensomania is a security monitoring and incident response card game (☆65 · May 24, 2023 · updated 2 years ago)
- TrustedSec Sysinternals Sysmon Community Guide (☆1,384 · Feb 10, 2026 · updated last month)
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage (☆115 · Mar 26, 2023 · updated 2 years ago)
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o… (☆35 · Feb 27, 2019 · updated 7 years ago)
- An ELK environment containing interesting security datasets (☆136 · May 11, 2020 · updated 5 years ago)
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… (☆4,501 · Jan 12, 2026 · updated 2 months ago)