goog-cmmartin / thatsiemguy
Content related to medium.com/@thatsiemguy
☆14Updated 2 months ago
Alternatives and similar repositories for thatsiemguy:
Users that are interested in thatsiemguy are comparing it to the libraries listed below
- Command line tool to interact with Chronicle's Config Based Normalizer (CBN) APIs.☆29Updated last year
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆72Updated 11 months ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics.☆111Updated 5 months ago
- ☆42Updated 2 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆162Updated last month
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆93Updated last year
- ☆93Updated 2 years ago
- Public script from SANS FOR509 Enterprise Cloud Incident Response☆198Updated 7 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation☆77Updated 11 months ago
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆164Updated 6 months ago
- ☆65Updated 11 months ago
- Anvilogic Forge☆103Updated last week
- A preconfigured Velociraptor triage collector☆51Updated this week
- ☆15Updated last year
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆239Updated last month
- Conference presentations☆47Updated last year
- ☆30Updated last month
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆118Updated last year
- Adversarial Interception Mission Oriented Discovery and Disruption Framework, or AIMOD2, is a structured threat hunting approach to proac…☆88Updated last year
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense☆83Updated last year
- Elastic version of SOC prime watcher rules☆29Updated 6 months ago
- A collection of various SIEM rules relating to malware family groups.☆66Updated 10 months ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆27Updated last year
- One Conference 2024☆109Updated 6 months ago
- A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide…☆147Updated last year
- This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework☆27Updated 2 months ago
- Cybether - A modern, open-source Cybersecurity Governance, Risk, and Compliance (GRC) dashboard☆78Updated last month
- A repository of my own Sigma detection rules.☆158Updated 7 months ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆53Updated 2 years ago
- Automating Security Detection Engineering, published by Packt☆54Updated 6 months ago