defenxor / dsiem
Security event correlation engine for ELK stack
☆434Updated 4 months ago
Related projects ⓘ
Alternatives and complementary repositories for dsiem
- DFIRTrack - The Incident Response Tracking Application☆482Updated 2 months ago
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform☆244Updated 2 weeks ago
- Mapping the MITRE ATT&CK Matrix with Osquery☆776Updated last year
- A set of Zeek scripts to detect ATT&CK techniques.☆565Updated 4 months ago
- Documentation of TheHive☆393Updated last year
- MISP Docker (XME edition)☆283Updated 11 months ago
- Documentation of Cortex☆170Updated last year
- Extract and aggregate threat intelligence.☆832Updated 9 months ago
- Create actionable data from your Vulnerability Scans☆1,357Updated last year
- A curated list of awesome things related to TheHive & Cortex☆173Updated 3 years ago
- Actionable analytics designed to combat threats☆972Updated 2 years ago
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform☆147Updated 2 years ago
- PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform☆625Updated this week
- Detecting ATT&CK techniques & tactics for Linux☆256Updated 4 years ago
- Zeek-Formatted Threat Intelligence Feeds☆343Updated this week
- SIEM Tactics, Techiques, and Procedures☆587Updated last month
- Open Source SIEM (Security Information and Event Management system).☆197Updated last year
- This project is a SIEM with SIRP and Threat Intel, all in one.☆412Updated this week
- MISP trainings, threat intel and information sharing training materials with source code☆390Updated this week
- Repository of YARA rules made by Trellix ATR Team☆570Updated 11 months ago
- ☆125Updated last year
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆768Updated last year
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,139Updated last year
- Cortex Analyzers Repository☆435Updated 2 weeks ago
- Sigma rules from Joe Security☆203Updated 2 weeks ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆266Updated 10 months ago
- A curated list of awesome resources related to Mitre ATT&CK™ Framework☆587Updated 5 years ago
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆539Updated 2 years ago
- Python API Client for TheHive☆218Updated last week
- A collection of resources for Threat Hunters☆856Updated last month