Alternatives and similar repositories for logstash-filter-threats_classifier:

Users that are interested in logstash-filter-threats_classifier are comparing it to the libraries listed below

• endgameinc / eqllib
  ☆164Updated 4 years ago
• apache / metron-bro-plugin-kafka
  Apache Metron
  ☆59Updated 4 years ago
• 0xtf / nsm-attack
  Mapping NSM rules to MITRE ATT&CK
  ☆71Updated 4 years ago
• empow / logstash-parsers
  ☆38Updated 5 years ago
• socprime / SigmaUI
  SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)
  ☆187Updated 3 years ago
• NVISOsecurity / ee-outliers
  Open-source framework to detect outliers in Elasticsearch events
  ☆209Updated last year
• HKcyberstark / TI_Mod
  Threat Intelligence with Elastic - Minemeld integration with Elasticsearch
  ☆19Updated 3 years ago
• baronpan / SysmonHunter
  An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal
  ☆201Updated 3 years ago
• HKcyberstark / wazuh-ecs
  Parse wazuh[HIDS] alerts into ECS mapping using Filebeat
  ☆27Updated 4 years ago
• zeek / zeek-agent
  This project is no longer maintained. There's a successor at https://github.com/zeek/zeek-agent-v2
  ☆123Updated 4 years ago
• blacktop / docker-zeek
  Zeek IDS Dockerfile
  ☆101Updated 2 years ago
• fhightower / ioc-finder
  Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…
  ☆164Updated last year
• passivetotal / python_api
  Python abstract API for PassiveTotal services in the form of libraries and command line utilities.
  ☆85Updated last year
• michaelhidalgo / attack-to-elk
  This program exports MITRE ATT&CK framework in ELK dashboard
  ☆78Updated 2 years ago
• michalpurzynski / zeek-scripts
  zeek-scripts
  ☆44Updated 6 years ago
• endgameinc / eql
  ☆219Updated last year
• Neo23x0 / evt2sigma
  Log Entry to Sigma Rule Converter
  ☆107Updated 3 years ago
• dgunter / evtxtoelk
  A lightweight tool to load Windows Event Log evtx files into Elasticsearch.
  ☆115Updated 4 years ago
• zeek / zeek-docker
  Docker files for building Zeek.
  ☆86Updated last year
• elastic / ecs-mapper
  Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
  ☆54Updated 3 years ago
• abhinavbom / Threat-Intelligence-Hunter
  TIH is an intelligence tool that helps you in searching for IOCs across multiple openly available security feeds and some well known APIs…
  ☆150Updated 11 months ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated this week
• TheHive-Project / TheHive4py
  Python API Client for TheHive
  ☆223Updated last week
• mitre / brawl-public-game-001
  Data from a BRAWL Automated Adversary Emulation Exercise
  ☆205Updated 4 years ago
• csirtgadgets / bearded-avenger
  CIF v3 -- the fastest way to consume threat intelligence
  ☆182Updated 2 years ago
• mitre-attack / tram
  Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.
  ☆349Updated 3 years ago
• InQuest / ThreatKB
  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
  ☆100Updated 3 months ago
• cedricbonhomme / pyHIDS
  A HIDS (host-based intrusion detection system) for verifying the integrity of a system.
  ☆58Updated 2 months ago
• demisto / COPS
  Collaborative Open Playbook Standard
  ☆155Updated last year
• PaloAltoNetworks / ioc-parser
  Tool to extract indicators of compromise from security reports in PDF format
  ☆72Updated 10 months ago