grafana / pySigma-backend-loki
pySigma backend for generating Grafana Loki/LogQL rules
☆36 · Updated 3 weeks ago

Related projects
Alternatives and complementary repositories for pySigma-backend-loki
- This is a collection of threat detection rules / rules engines that I have come across. ☆275 · Updated 6 months ago
- kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and kn… ☆51 · Updated 11 months ago
- A standard for reducing log volume without sacrificing analytical capability ☆189 · Updated last year
- Response Engine for managing threats in your Kubernetes ☆132 · Updated this week
- (no description) ☆168 · Updated this week
- 🧰 Multi Tool Kubernetes Pentest Image ☆215 · Updated 2 months ago
- A curated list of resources about detecting threats and defending Kubernetes systems. ☆364 · Updated last year
- Generate datasets of cloud audit logs for common attacks ☆184 · Updated 3 months ago
- Falco rule repository ☆96 · Updated last month
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules. ☆319 · Updated 11 months ago
- (no description) ☆67 · Updated 8 months ago
- Kubernetes audit logging, when you don't control the control plane ☆65 · Updated this week
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management. ☆30 · Updated last month
- Curating Falco rules with MITRE ATT&CK Matrix ☆74 · Updated 8 months ago
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners" ☆66 · Updated 11 months ago
- Released at Black Hat Asia on April 18, 2024, Cloud Console Cartographer is a framework for condensing groupings of cloud events (e.g. Cl… ☆157 · Updated 6 months ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … ☆260 · Updated 9 months ago
- Awesome Incident Response ☆260 · Updated 7 months ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations. ☆96 · Updated last month
- The Sigma command line interface based on pySigma ☆136 · Updated 3 months ago
- (no description) ☆252 · Updated last month
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine) ☆400 · Updated this week
- Threat-hunting tool for Linux ☆392 · Updated this week
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters. ☆59 · Updated 8 months ago
- Production-ready detection & response queries for osquery ☆530 · Updated this week
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities ☆101 · Updated last month
- Halberd : Multi-Cloud Attack Tool ☆209 · Updated this week
- Docker image for MISP ☆115 · Updated this week
- ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident… ☆351 · Updated 2 weeks ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o… ☆85 · Updated 10 months ago