grafana / pySigma-backend-loki
pySigma backend for generating Grafana Loki/LogQL rules
☆37, updated 2 weeks ago
Alternatives and similar repositories for pySigma-backend-loki:
Users who are interested in pySigma-backend-loki are comparing it to the libraries listed below.
- kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and kn… (☆51, updated last year)
- This is a collection of threat detection rules / rules engines that I have come across. (☆277, updated 8 months ago)
- A standard for reducing log volume without sacrificing analytical capability (☆198, updated last year)
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters. (☆77, updated 2 weeks ago)
- 🧰 Multi Tool Kubernetes Pentest Image (☆218, updated 4 months ago)
- Falco rule repository (☆102, updated this week)
- Kubernetes audit logging, when you don't control the control plane (☆67, updated this week)
- The Sigma command line interface based on pySigma (☆141, updated 3 weeks ago)
- Curating Falco rules with MITRE ATT&CK Matrix (☆77, updated 10 months ago)
- VMClarity is a tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and vulnerabilities (☆101, updated 3 months ago)
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… (☆153, updated last month)
- Helm charts for running open source digital forensic tools in Kubernetes (☆79, updated this week)
- A curated list of resources about detecting threats and defending Kubernetes systems. (☆370, updated last year)
- Runtime detection and response for malicious events in Kubernetes workloads (☆39, updated 10 months ago)
- Response Engine for managing threats in your Kubernetes (☆147, updated this week)
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management. (☆30, updated 3 months ago)
- Monitoring a Kubernetes cluster involves deploying and utilizing the Wazuh agent within the Kubernetes environment. (☆58, updated this week)
- Vulnerability-Lookup facilitates quick correlation of vulnerabilities from various sources, independent of vulnerability IDs, and streaml… (☆184, updated this week)
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules. (☆323, updated last year)
- A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and contr… (☆175, updated 3 weeks ago)
- Threat-informed defense for cloud-native: Reference Implementation of a so-called Honeycluster, for kind (and GKE, RKE2, AKS) (☆29, updated this week)
- Validate the isolation posture of your container environment. (☆228, updated this week)
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. (☆64, updated 8 months ago)
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … (☆264, updated 11 months ago)
- A Software as a Service (SaaS) log collection framework. (☆147, updated last month)
- Automated testing, generation & manipulation of #osquery packs (☆71, updated 3 months ago)
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man's SOC. (☆51, updated last week)
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1). (☆80, updated 11 months ago)