gertjanbruggink / metrics
This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.
☆ 93 · Updated 6 months ago
Related projects:
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements (☆ 113, updated 9 months ago)
- Repository of public reference frameworks for the DFIR community (☆ 105, updated last year)
- An open-source Sigma conversion tool built using pySigma (☆ 90, updated last week)
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense (☆ 68, updated 9 months ago)
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation (☆ 75, updated 3 months ago)
- Public script from SANS FOR509 Enterprise Cloud Incident Response (☆ 170, updated last week)
- Dettectinator - The Python library to your DeTT&CT YAML files (☆ 102, updated 3 weeks ago)
- User Feedback Space of #MitreAssistant (☆ 37, updated last year)
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique (☆ 64, updated 6 months ago)
- Intel Retrieval Augmented Generation (RAG) Utilities (☆ 86, updated 7 months ago)
- Intelligence Architecture Mind Map (☆ 110, updated 6 months ago)
- A dataset containing Office 365 Unified Audit Logs for security research and detection (☆ 41, updated 2 years ago)
- Cybersecurity Incident Response Plan (☆ 86, updated 3 years ago)
- SentinelOne STAR Rules (☆ 45, updated 10 months ago)
- A repository of my own Sigma detection rules (☆ 155, updated last week)
- Cyber Underground General Intelligence Requirements (☆ 85, updated 7 months ago)
- Resources for SANS CTI Summit 2021 presentation (☆ 102, updated 10 months ago)
- The Threat Actor Profile Guide for CTI Analysts (☆ 89, updated last year)
- A tool that allows you to document and assess any security automation in your SOC (☆ 40, updated 4 months ago)
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor … (☆ 189, updated 10 months ago)
- Project based on RegRipper, to extract additional value/pivot points from TLN events files (☆ 74, updated 3 weeks ago)
- Remote access and Antivirus Logging Database (☆ 39, updated 4 months ago)
- A collection of Splunk's Search Processing Language (SPL) queries for Threat Hunting with CrowdStrike Falcon (☆ 184, updated 4 years ago)
- MISP to Sentinel integration (☆ 57, updated last week)
- Full of public notes and utilities (☆ 81, updated 3 weeks ago)