Alternatives and similar repositories for ai-runbooks

Users that are interested in ai-runbooks are comparing it to the libraries listed below

• anvilogic-forge / armory
  Anvilogic Forge
  ☆110Updated last month
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆47Updated last year
• k-bailey / detection-engineering-maturity-matrix
  ☆98Updated 3 years ago
• dandye / adk_runbooks
  ☆54Updated this week
• gertjanbruggink / metrics
  This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
  ☆114Updated 11 months ago
• korniko98 / pivot-atlas
  ☆99Updated last week
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆132Updated last year
• socprime / the-prime-hunt
  A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation
  ☆77Updated last year
• iknowjason / BlueCloud
  Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.
  ☆142Updated 3 years ago
• elastic / SWAT
  ☆166Updated last month
• fr0gger / nova-framework
  NOVA: The Prompt Pattern Matching
  ☆42Updated 3 weeks ago
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆129Updated 6 months ago
• darkquasar / AIMOD2
  Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…
  ☆89Updated 2 years ago
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆163Updated 8 months ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆140Updated last year
• TactiKoolSec / OTHF
  Open Threat Hunting Framework
  ☆121Updated 2 years ago
• tidalcyber / cyber-threat-profiling
  A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense
  ☆102Updated last year
• mitre / emu
  This CALDERA Plugin converts Adversary Emulation Plans from the Center for Threat Informed Defense
  ☆34Updated last month
• jshlbrd / detection-engineering-pocket-guide
  pocket guide for core detection engineering concepts
  ☆30Updated 2 years ago
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆101Updated last year
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆59Updated 3 years ago
• jatrost / awesome-detection-rules
  This is a collection of threat detection rules / rules engines that I have come across.
  ☆299Updated last year
• AttackIQ / SigmAIQ
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆86Updated last week
• northsh / detection.studio
  Convert Sigma rules to SIEM queries, directly in your browser.
  ☆96Updated 2 weeks ago
• OTRF / GenAI-Security-Adventures
  ☆108Updated last year
• Digital-Defense-Institute / triage.zip
  A preconfigured Velociraptor triage collector
  ☆56Updated this week
• dwillowtree / diana
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆221Updated last year
• facebookincubator / ForgeArmory
  ForgeArmory provides TTPs that can be used with the TTPForge (https://github.com/facebookincubator/ttpforge).
  ☆117Updated last year
• krdmnbrk / AttackRuleMap
  Mapping of open-source detection rules and atomic tests.
  ☆185Updated 9 months ago
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆82Updated last year