dogoncouch / LogESP
Open Source SIEM (Security Information and Event Management system).
☆206, updated last year
Alternatives and similar repositories for LogESP:
Users that are interested in LogESP are comparing it to the libraries listed below
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform (☆247, updated this week)
- DFIRTrack - The Incident Response Tracking Application (☆491, updated 6 months ago)
- Documentation of TheHive (☆395, updated last year)
- Security event correlation engine for ELK stack (☆435, updated 8 months ago)
- Actionable analytics designed to combat threats (☆982, updated 2 years ago)
- CASCADE Server (☆266, updated 2 years ago)
- SIEM Tactics, Techniques, and Procedures (☆615, updated 2 weeks ago)
- Documentation of Cortex (☆173, updated last year)
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform (☆148, updated 2 years ago)
- Python Script to access ATT&CK content available in STIX via a public TAXII server (☆561, updated 2 months ago)
- Scripts and a (future) library to improve users' interactions with the ATT&CK content (☆585, updated last year)
- A collection of resources for Threat Hunters (☆879, updated 4 months ago)
- A Python package to interact with the Mitre ATT&CK Framework (☆475, updated last year)
- A curated list of awesome things related to TheHive & Cortex (☆177, updated 3 years ago)
- This content is analysis and research of the data sources currently listed in ATT&CK. (☆408, updated last year)
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts (☆1,146, updated last year)
- Splunk Boss of the SOC version 2 dataset. (☆372, updated 2 years ago)
- Collaborative Open Playbook Standard (☆154, updated last year)
- A Ruleset to enhance detection capabilities of Ossec using Sysmon (☆91, updated 2 years ago)
- A repository of curated datasets from various attacks (☆625, updated last week)
- SIAC is an enterprise SIEM built on open-source technology. (☆114, updated 6 years ago)
- Python API Client for TheHive (☆220, updated last week)
- A set of Zeek scripts to detect ATT&CK techniques. (☆578, updated 8 months ago)
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk. (☆552, updated 3 years ago)
- Splunk code (SPL) for serious threat hunters and detection engineers. (☆273, updated last year)
- MISP Docker (XME edition) (☆283, updated last year)
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing (☆105, updated last year)
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… (☆344, updated this week)
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform (☆71, updated last year)
- MISP trainings, threat intel and information sharing training materials with source code (☆401, updated last month)