grafana / pySigma-backend-loki
pySigma backend for generating Grafana Loki/LogQL rules
☆40 · Updated last week
Alternatives and similar repositories for pySigma-backend-loki:
Users that are interested in pySigma-backend-loki are comparing it to the libraries listed below
- ☆175 · Updated 4 months ago
- A standard for reducing log volume without sacrificing analytical capability ☆202 · Updated last month
- Kubernetes audit logging, when you don't control the control plane ☆71 · Updated last week
- 🧰 Multi Tool Kubernetes Pentest Image ☆229 · Updated 7 months ago
- kubernetes-for-soc aims to fast-track the learning curve for SOC analysts by enabling them to swiftly grasp the essential concepts and kn… ☆53 · Updated last year
- This is a collection of threat detection rules / rules engines that I have come across. ☆283 · Updated 10 months ago
- ☆69 · Updated 2 months ago
- NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters. ☆79 · Updated 2 months ago
- Response Engine for managing threats in your Kubernetes ☆151 · Updated this week
- ☆42 · Updated 2 weeks ago
- Falco rule repository ☆114 · Updated last week
- A curated list of resources about detecting threats and defending Kubernetes systems. ☆376 · Updated last year
- Transform Linux Audit logs for SIEM usage ☆754 · Updated 2 weeks ago
- An implementation of a Windows Event Collector server running on GNU/Linux. ☆70 · Updated last week
- Curating Falco rules with MITRE ATT&CK Matrix ☆78 · Updated last year
- Validate the isolation posture of your container environment. ☆256 · Updated last week
- Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners" ☆67 · Updated last year
- Generate datasets of cloud audit logs for common attacks ☆208 · Updated 7 months ago
- Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently … ☆273 · Updated last month
- HASH (HTTP Agnostic Software Honeypot) ☆137 · Updated 10 months ago
- Security Analytics enables users for detecting security threats on their security event log data. It will also allow them to modify/tailo… ☆79 · Updated last week
- Docker image for MISP ☆123 · Updated this week
- Automated testing, generation & manipulation of #osquery packs ☆72 · Updated 5 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. ☆69 · Updated 10 months ago
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules. ☆328 · Updated last year
- ☆72 · Updated last week
- OWASP Kubernetes security and compliance tool [WIP] ☆106 · Updated last year
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1). ☆81 · Updated last year
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … ☆125 · Updated 8 months ago
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o… ☆91 · Updated last year