Alternatives and similar repositories for solution-pack-soar-framework:

Users that are interested in solution-pack-soar-framework are comparing it to the libraries listed below

• jasonsford / IPScraper
  This script provides a Python library with methods to authenticate to various sources of threat intelligence and query IPs for the latest…
  ☆18Updated this week
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• fortinet / fortios-ips-snort
  Convert snort IPS signatures to FortiGate custom IPS signature syntax.
  ☆39Updated last month
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• packetsifter / packetsifterTool
  PacketSifter is a tool/script that is designed to aid analysts in sifting through a packet capture (pcap) to find noteworthy traffic. Pac…
  ☆95Updated 3 years ago
• drewhjelm / firewall-audit
  ☆16Updated 5 years ago
• moshekaplan / palo_alto_firewall_analyzer
  Python scripts for reviewing Palo Alto Firewall configurations
  ☆27Updated 2 months ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆53Updated 4 years ago
• msraju / Incident-Response-Playbooks
  ☆42Updated 2 years ago
• CrowdStrike / Identity-Protection
  ☆13Updated last year
• elysiumsecurityltd / IRM
  Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General
  ☆23Updated 3 years ago
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆42Updated 4 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 2 months ago
• jangeisbauer / gundog2
  Microsoft 365 Defender Hunting via PowerShell.
  ☆13Updated 3 years ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆38Updated 9 months ago
• PaloAltoNetworks / minemeld-docker
  Official Palo Alto Networks MineMeld docker
  ☆17Updated 5 years ago
• humio / security_monitoring
  ☆41Updated last year
• activecm / threat-hunting-labs
  Collection of walkthroughs on various threat hunting techniques
  ☆75Updated 4 years ago
• mdecrevoisier / Windows-WEC-server_auto-deploy
  PowerShell scripts for fast Windows Event Collector configuration with Palantir toolset
  ☆22Updated 2 years ago
• chrivand / Firepower_O365_Feed_Parser
  This is a Sample Script that can parse the O365 Web Service API and upload it to Firepower Management Center as Group Objects.
  ☆67Updated 9 months ago
• Truvis / SplunkDashboards
  Collection of Dashboards for Threat Hunting and more!
  ☆63Updated 4 years ago
• socfortress / SOCFortress-Threat-Intel
  Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service
  ☆28Updated 4 months ago
• glennake / DirectFire_Converter
  DirectFire Firewall Converter - Network Security, Next-Generation Firewall Configuration Conversion, Firewall Syntax Translation and Fire…
  ☆56Updated 2 years ago
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆19Updated 5 years ago
• splunk / TA-microsoft-365-defender-advanced-hunting-add-on
  ☆14Updated 2 weeks ago
• CiscoDevNet / cloud-security
  ☆58Updated 2 months ago
• Maboalenen / DFIR
  Incident response teams usually working on the offline data, collecting the evidence, then analyze the data
  ☆44Updated 3 years ago
• signorrayan / SplunkThreatHunting
  This repository contains Splunk queries to hunt some anomalies
  ☆38Updated 2 years ago
• weslambert / securityonion-misp
  ☆34Updated 4 years ago
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆34Updated 2 years ago