danieleperera / SocAnalystArsenalLinks
Quick SOC L1 ticket structure
☆38Updated 6 years ago
Alternatives and similar repositories for SocAnalystArsenal
Users that are interested in SocAnalystArsenal are comparing it to the libraries listed below
Sorting:
- links collected from SOC Core Skills class☆85Updated 4 years ago
- Repository resource for threat hunter☆158Updated 6 years ago
- These are open source rules that can be utilized with QRadar to detect various types of threats in the environment.☆55Updated 6 years ago
- This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR☆79Updated 3 years ago
- Cybersecurity Incident Response Plan☆91Updated 4 years ago
- This is the One Stop place where you can several Detection Rules which can help you to kick start your journey on SIEM, SOC work.☆39Updated 4 years ago
- A curated list of FOSS software appliances for building a SOC☆18Updated 4 years ago
- Repository of public reference frameworks for the DFIR community.☆116Updated 2 years ago
- Indexes for SANS Courses and GIAC Certifications☆254Updated last year
- Useful resources about phishing email analysis☆84Updated 6 months ago
- Some Threat Hunting queries useful for blue teamers☆127Updated 3 years ago
- Resources for SANS CTI Summit 2021 presentation☆103Updated last year
- Random notes collected on the intertubes relating to DFIR☆34Updated 2 years ago
- ☆66Updated 2 years ago
- Dictionary of CTI-related acronyms, terms, and jargon☆143Updated last year
- ☆21Updated 6 years ago
- Threat-Intelligence Feeds & Tools & Frameworks☆220Updated last year
- Zerofox Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆38Updated 5 years ago
- Cyber Incident Response Team Playbook Battle Cards☆385Updated last year
- Practical Threat Detection Engineering, Published by Packt☆76Updated 2 years ago
- IoT Digital Forensics Course with hands-on labs☆228Updated last year
- Tools for simulating threats☆191Updated last year
- Resources To Learn And Understand SIGMA Rules☆180Updated 2 years ago
- Blue Team detection lab created with Terraform and Ansible in Azure.☆162Updated 8 months ago
- Repository for SPEED SIEM Use Case Framework☆55Updated 5 years ago
- DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆38Updated 6 years ago
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆208Updated 5 years ago
- Collection of scripts and tools related to the eCTHPv2 exam by INE.☆16Updated 3 years ago
- ☆45Updated 2 years ago
- Zeek Log Cheatsheets☆295Updated last week