databricks-industry-solutions / ioc-matching
IOC matching for incident responders, threat hunters, detection engineers, and security engineers.
☆14 · Updated 3 months ago
Related projects:
- Firepit - STIX Columnar Storage ☆15 · Updated 3 months ago
- SIEM-to-Spark Transpiler ☆42 · Updated 6 months ago
- A Zeek package that detects Zoom logins and meeting joins ☆11 · Updated 4 years ago
- Time series knowledge graphs for cybersecurity ☆18 · Updated 3 months ago
- A collection of dashboards, templates, APIs and Power BI code for vulnerability management and analysis ☆12 · Updated 3 weeks ago
- This repo contains examples of raw events and possible translations to the OCSF schema. ☆32 · Updated 3 weeks ago
- Adversary Emulation Planner ☆37 · Updated 2 months ago
- Kestrel Jupyter Notebook Kernel ☆9 · Updated 11 months ago
- Python samples and utilities for Chronicle APIs ☆76 · Updated this week
- Mapping Corelight or Zeek data to Elastic Common Schema fields ☆33 · Updated 3 weeks ago
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb) ☆29 · Updated 8 months ago
- List of Awesome Vertex Synapse Resources ☆24 · Updated last month
- Posture Attribute Collection and Evaluation ☆23 · Updated last year
- A few quick recipes for those that do not have much time during the day ☆21 · Updated 3 weeks ago
- This repository hosts community contributed Kestrel analytics ☆14 · Updated 3 months ago
- The official Prelude-Correlator GitHub mirror of https://www.prelude-siem.org/projects/prelude-correlator/repository ☆10 · Updated 3 years ago
- Zeek plugin to generate data on per-packet sizes and intervals ☆13 · Updated 4 years ago
- Security Control Knowledge Graph ☆25 · Updated 4 months ago
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa… ☆17 · Updated 4 years ago
- Detection-as-Code CI/CD pipeline for modern security tools (SIEM, EDR, XDR, ...) ☆16 · Updated last month
- intelligence-icons is a collection of icons and diagrams for building training and marketing materials around Intelligence sharing; inclu… ☆38 · Updated 5 years ago
- Extensions for Zeek's Intelligence Framework. ☆11 · Updated 2 years ago
- Specifications used in the MISP project including MISP core format ☆45 · Updated 2 months ago
- A Python implementation of the Community ID flow hashing standard ☆23 · Updated 9 months ago
- Knowledge Report Alert & Normalization Generator ☆27 · Updated 6 months ago