georgestarcher / Splunk-ESIntel-KVStoreLinks
Splunk csv to KVStore ES Threat Intel
☆11Updated 9 years ago
Alternatives and similar repositories for Splunk-ESIntel-KVStore
Users that are interested in Splunk-ESIntel-KVStore are comparing it to the libraries listed below
Sorting:
- ☆55Updated 3 years ago
- Sysmon Splunk App☆47Updated 6 years ago
- QRadar Export the rule set for printing☆22Updated 7 years ago
- Carbon Black Feeds☆73Updated 2 years ago
- Community Sharing Repository for Carbon Black and Bit9 Platforms☆27Updated 3 years ago
- A Splunk app to use MISP in background☆111Updated 2 months ago
- Network Forensics Bro scripts & pcap samples☆62Updated 11 years ago
- ☆49Updated 4 years ago
- scripts to configure the Splunk Universal Forwarder in a locked down state☆40Updated 6 years ago
- Collection of bro scripts☆9Updated 9 years ago
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆55Updated 4 years ago
- Imports Alienvault OTX pulses to a MISP instance☆53Updated 3 years ago
- MineMeld nodes for MISP☆19Updated last year
- InvestigationPlaybookSpec☆73Updated 7 years ago
- Expert Investigation Guides☆52Updated 4 years ago
- Powershell Functions to interact with TheHive-Project☆11Updated 6 years ago
- Add-on for ingesting DMARC aggregate reports into Splunk☆15Updated 2 years ago
- A Splunk app with saved reports derived from Sigma rules☆73Updated 7 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 8 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆23Updated 5 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- Command line interface to Carbon Black Response☆38Updated 5 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆20Updated 3 years ago
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆38Updated 2 years ago
- Volatility plugins developed and maintained by the community☆21Updated 10 months ago
- FRAC and RIFT☆17Updated 6 years ago
- Report Generation from the Carbon Black REST API☆15Updated 3 years ago
- An OpenTAXII Configuration for MISP☆82Updated 2 years ago
- A collection of notebooks built for defensive and offensive operations.☆77Updated 4 years ago
- misp-cloud - Cloud-ready images of MISP☆73Updated 2 years ago