goog-cmmartin / thatsiemguy
Content related to medium.com/@thatsiemguy
☆14Updated last month
Alternatives and similar repositories for thatsiemguy:
Users that are interested in thatsiemguy are comparing it to the libraries listed below
- ☆93Updated 2 years ago
- Command line tool to interact with Chronicle's Config Based Normalizer (CBN) APIs.☆28Updated last year
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆67Updated 9 months ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆109Updated 3 months ago
- Public script from SANS FOR509 Enterprise Cloud Incident Response☆194Updated 5 months ago
- ☆42Updated 2 years ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆76Updated 9 months ago
- Generate a matrix based on an inventory of InfoSec tools☆23Updated 7 months ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆116Updated last year
- MISP to Sentinel integration☆62Updated 3 months ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆156Updated 2 weeks ago
- ☆100Updated last month
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆91Updated last year
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon☆197Updated 4 years ago
- A repository of my own Sigma detection rules.☆157Updated 5 months ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆228Updated last year
- Automating Security Detection Engineering, published by Packt☆54Updated 4 months ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆171Updated 5 months ago
- Some of the tools we use during vCISO engagements☆15Updated 2 years ago
- ☆29Updated 5 months ago
- ☆65Updated 9 months ago
- This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR☆77Updated 3 years ago
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆86Updated last year
- Practical Threat Detection Engineering, Published by Packt☆65Updated last year
- Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE☆110Updated last month
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆65Updated 11 months ago
- Elastic version of SOC prime watcher rules☆29Updated 4 months ago
- A community-driven repository for threat hunting ideas, methodologies, and research that serves as a central gathering place for hunters …☆186Updated this week
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆269Updated last year