dogoncouch / LogESP
Open Source SIEM (Security Information and Event Management system).
☆208, updated last year
Alternatives and similar repositories for LogESP:
Users that are interested in LogESP are comparing it to the libraries listed below
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform☆247Updated this week
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform☆148Updated 2 years ago
- Security event correlation engine for ELK stack☆435Updated 9 months ago
- Documentation of Cortex☆174Updated last year
- SIEM Tactics, Techniques, and Procedures☆616Updated last month
- A Ruleset to enhance detection capabilities of Ossec using Sysmon☆91Updated 2 years ago
- Phantom Community Playbooks☆491Updated last month
- Wazuh - Ruleset☆438Updated 6 months ago
- CASCADE Server☆266Updated 2 years ago
- DFIRTrack - The Incident Response Tracking Application☆492Updated 6 months ago
- SIAC is an enterprise SIEM built on open-source technology.☆114Updated 6 years ago
- Python API Client for TheHive☆222Updated 3 weeks ago
- Documentation of TheHive☆396Updated last year
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.☆854Updated 7 months ago
- Python Script to access ATT&CK content available in STIX via a public TAXII server☆562Updated 3 months ago
- ☆125Updated last year
- Wazuh - RESTful API☆72Updated 6 months ago
- A collection of resources for Threat Hunters☆878Updated 5 months ago
- MISP Docker (XME edition)☆282Updated last year
- A curated list of awesome things related to TheHive & Cortex☆177Updated 3 years ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆186Updated 3 years ago
- A Python package to interact with the Mitre ATT&CK Framework☆474Updated last year
- Collaborative Open Playbook Standard☆154Updated last year
- PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform☆630Updated this week
- Cortex Analyzers Repository☆450Updated last week
- Docker configurations for TheHive, Cortex and 3rd party tools☆119Updated 2 years ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK.☆348Updated 3 years ago
- Scripts and a (future) library to improve users' interactions with the ATT&CK content☆584Updated last year
- DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.☆552Updated 3 years ago
- Suricata rules for network anomaly detection☆156Updated last week