Alternatives and similar repositories for geneve:

Users that are interested in geneve are comparing it to the libraries listed below

• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated 2 months ago
• MISP / misp-rfc
  Specifications used in the MISP project including MISP core format
  ☆51Updated last week
• secureworks / aristotle
  ☆37Updated 2 months ago
• corelight / pycommunityid
  A Python implementation of the Community ID flow hashing standard
  ☆23Updated last year
• lprat / logstash-plugins
  My logstash plugins. Filter: sig (for security detect -> IOC, sig, New value, Reference, link, frequence, ...). Output: alert created by …
  ☆10Updated 5 years ago
• corelight / zeek-community-id
  Zeek support for Community ID flow hashing.
  ☆35Updated last year
• carta / krang
  Knowledge Report Alert & Normalization Generator
  ☆27Updated 9 months ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆53Updated last month
• elastic / security-action-examples
  This repository contains a few examples of actions that can be added to rules within Elastic Security.
  ☆22Updated 2 years ago
• ncsa / bro-doctor
  ☆23Updated 4 years ago
• jgamblin / CVElk
  Autoconfigured ELK Stack That Contains All EPSS and NVD CVE Data
  ☆48Updated 6 months ago
• CyCat-project / cycat-service
  CyCAT.org API back-end server including crawlers
  ☆30Updated last year
• corelight / got_zoom
  A Zeek package that detects Zoom logins and meeting joins
  ☆12Updated 4 years ago
• elastic / elastic-integration-corpus-generator-tool
  Command line tool used for generating events corpus dynamically given a specific integration
  ☆23Updated last month
• opencybersecurityalliance / firepit
  Firepit - STIX Columnar Storage
  ☆16Updated 7 months ago
• cyentific-rni / SAG
  An elevated STIX representation of the MITRE ATT&CK Groups knowledge base
  ☆23Updated 2 years ago
• CybercentreCanada / assemblyline-core
  Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)
  ☆19Updated this week
• oasis-open / cti-pattern-matcher
  OASIS TC Open Repository: Match STIX content against STIX patterns
  ☆44Updated 2 years ago
• ElasticSA / elsec_dr2an
  Script to create MITRE ATT&CK Navigator layers from the annotated detection rules in Elastic Security (Kibana).
  ☆20Updated last year
• MISP / best-practices-in-threat-intelligence
  Best practices in threat intelligence
  ☆46Updated 2 years ago
• adulau / threat-intelligence.eu
  threat-intelligence.eu website and repository of information about open standards, documents, methodologies and processes in threat intel…
  ☆48Updated 2 years ago
• elastic / ecs-mapper
  Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
  ☆54Updated 2 years ago
• corelight / zeek-long-connections
  Zeek package for tracking long connections to report them before they have completed.
  ☆29Updated 2 years ago
• CIRCL / bgpranking-redis-api
  API to access the Redis database of a BGP Ranking instance.
  ☆17Updated 7 years ago
• CIRCL / potiron
  Potiron - Normalize, Index and Visualize Network Capture
  ☆83Updated 5 years ago
• sttor / awesome-osquery
  Osquery Resources
  ☆60Updated 5 years ago
• MISP / PyTaxonomies
  Python module to use the MISP Taxonomies
  ☆29Updated this week
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year