Security Monitoring Resolution Categories
☆138 · Nov 25, 2021 · Updated 4 years ago
Alternatives and similar repositories for Use_Case_Applicability
Users that are interested in Use_Case_Applicability are comparing it to the libraries listed below
- The Intelligent Process Lifecycle of Active Cyber Defenders ☆33 · Jan 1, 2023 · Updated 3 years ago
- References for FIRST CTI 2019 Symposium presentation ☆23 · Mar 19, 2019 · Updated 6 years ago
- EventList ☆377 · Mar 21, 2021 · Updated 4 years ago
- ☆14 · May 30, 2018 · Updated 7 years ago
- Detect Tactics, Techniques & Combat Threats ☆2,263 · Jan 21, 2026 · Updated last month
- Actionable analytics designed to combat threats ☆1,005 · May 25, 2022 · Updated 3 years ago
- A script to create and assign SOP tasks into the cases ☆20 · Aug 16, 2020 · Updated 5 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed. ☆20 · May 25, 2022 · Updated 3 years ago
- Creating a Feed of MISP Events from ThreatFox (by abuse.ch) ☆19 · Jun 2, 2021 · Updated 4 years ago
- Elasticsearch/Kibana environment and log data for Sigma workshop ☆26 · Dec 20, 2019 · Updated 6 years ago
- A Splunk Technology Add-on to forward filtered ETW events. ☆30 · Oct 14, 2020 · Updated 5 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆1,059 · Oct 5, 2023 · Updated 2 years ago
- TIBER-Cases is a project created to give cases of The Hive platform for Threat Intelligence Analysts mainly. All the cases are mapped to … ☆27 · Jul 13, 2022 · Updated 3 years ago
- Misc Threat Hunting Resources ☆377 · Jan 26, 2023 · Updated 3 years ago
- ☆34 · Aug 8, 2023 · Updated 2 years ago
- This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o… ☆35 · Feb 27, 2019 · Updated 7 years ago
- A Splunk app to use MISP in background ☆113 · Jan 8, 2026 · Updated last month
- A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework ☆355 · Nov 3, 2020 · Updated 5 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository. ☆111 · Feb 6, 2020 · Updated 6 years ago
- Create alerts in The Hive from your Graylog alerts, to be turned into Hive cases. ☆45 · Aug 17, 2020 · Updated 5 years ago
- intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu… ☆41 · Mar 17, 2019 · Updated 6 years ago
- Open Source Security Events Metadata (OSSEM) ☆1,288 · Feb 27, 2023 · Updated 3 years ago
- A framework for developing alerting and detection strategies for incident response. ☆841 · Sep 8, 2025 · Updated 5 months ago
- Defensomania is a security monitoring and incident response card game. ☆65 · May 24, 2023 · Updated 2 years ago
- CyCAT.org taxonomies ☆15 · May 22, 2021 · Updated 4 years ago
- misp-cloud - Cloud-ready images of MISP ☆74 · Aug 24, 2022 · Updated 3 years ago
- DFIRTrack - The Incident Response Tracking Application ☆532 · Jan 13, 2026 · Updated last month
- Utilities for MITRE™ ATT&CK ☆1,050 · Jan 3, 2026 · Updated last month
- attack2jira automates the process of standing up a Jira environment that can be used to track and measure ATT&CK coverage ☆115 · Mar 26, 2023 · Updated 2 years ago
- Signature engine for all your logs ☆172 · Nov 13, 2023 · Updated 2 years ago
- An ELK environment containing interesting security datasets. ☆136 · May 11, 2020 · Updated 5 years ago
- CyCAT.org API back-end server including crawlers ☆29 · Feb 4, 2023 · Updated 3 years ago
- Incident Response Methodologies ☆1,018 · Aug 2, 2018 · Updated 7 years ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK ☆1,078 · Nov 28, 2024 · Updated last year
- Converts Sigma detection rules to a Splunk alert configuration. ☆115 · May 18, 2020 · Updated 5 years ago
- Sources, configuration and how to detect evil things utilizing Microsoft Sysmon. ☆937 · Dec 12, 2023 · Updated 2 years ago
- TrustedSec Sysinternals Sysmon Community Guide ☆1,372 · Feb 10, 2026 · Updated 2 weeks ago
- Blueteam operational triage registry hunting/forensic tool. ☆149 · Sep 2, 2025 · Updated 5 months ago
- A PoC .net shell which uses a GitHub.com repository for the communication channel. ☆11 · Oct 25, 2018 · Updated 7 years ago