elastic / geneve
☆13 · Updated this week
Alternatives and similar repositories for geneve:
Users who are interested in geneve are comparing it to the libraries listed below.
- PatrOwl - Open Source, Free and Scalable Security Operations Orchestration Platform (☆11 · Updated 7 months ago)
- My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by … (☆10 · Updated 5 years ago)
- Mapping Corelight or Zeek data to Elastic Common Schema fields (☆34 · Updated last week)
- Zeek package for tracking long connections to report them before they have completed. (☆29 · Updated 2 weeks ago)
- Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana). (☆20 · Updated last year)
- ArcSight's Common Event Format library (☆37 · Updated last year)
- Rapid cybersecurity toolkit based on Elastic in Docker. Designed to quickly build elastic-based environments to analyze and execute threa… (☆18 · Updated 4 years ago)
- Connector for pulling and converting STIX information from TAXII Service Providers into CB Feeds. (☆15 · Updated 2 years ago)
- Zeek support for Community ID flow hashing. (☆35 · Updated last year)
- Firepit - STIX Columnar Storage (☆16 · Updated 8 months ago)
- (no description) (☆23 · Updated 4 years ago)
- BCMC Open Source Software (☆18 · Updated 3 years ago)
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed. (☆19 · Updated 2 years ago)
- A Zeek package that detects Zoom logins and meeting joins (☆12 · Updated 4 years ago)
- Specifications used in the MISP project including MISP core format (☆51 · Updated last month)
- Elastic TIP is a python tool which automates the process of aggregating Threat Intelligence and ingesting the intelligence into a common … (☆27 · Updated 6 months ago)
- YETI (Your Everyday Threat Intelligence) Integration to Elastic Stack (☆16 · Updated 4 years ago)
- setup zeek, previously Bro IDS (☆17 · Updated 2 months ago)
- STIX 2.1 Data Modeling Tool (☆25 · Updated 7 months ago)
- A collection of Cortex Analyzers and Responders for TheHive/Cortex (☆13 · Updated 5 years ago)
- This repository contains a few examples of actions that can be added to rules within Elastic Security. (☆22 · Updated last week)
- Bro script package to create JSON formatted logs to stream into data analysis systems. (☆28 · Updated last year)
- Threat Intelligence with Elastic - Minemeld integration with Elasticsearch (☆19 · Updated 3 years ago)
- Converts Netwitness log parser configuration to Logstash configuration (☆20 · Updated 4 years ago)
- Contains log samples and configuration files for the Tactical Data Handling at Scale with Logstash course (☆11 · Updated 5 years ago)
- Actionable analytics designed to combat threats based on MITRE's ATT&CK. (☆22 · Updated 5 years ago)
- CyCAT.org API back-end server including crawlers (☆30 · Updated 2 years ago)
- ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing (☆53 · Updated 2 months ago)
- A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r… (☆23 · Updated last year)
- Best practices in threat intelligence (☆46 · Updated 2 years ago)