ibmresilient / resilient-scripts
Example scripts and rules for use in Resilient playbooks.
☆34Updated last year
Alternatives and similar repositories for resilient-scripts:
Users that are interested in resilient-scripts are comparing it to the libraries listed below
- Developer documentation for Resilient APIs☆24Updated 3 months ago
- Python Library for the IBM SOAR REST API, a Python SDK for developing Apps for IBM SOAR and more...☆41Updated last month
- Source code for IBM SOAR Apps that are available on our App Exchange☆92Updated this week
- Quick SOC L1 ticket structure☆35Updated 5 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆39Updated 2 years ago
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.☆82Updated 3 weeks ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- ☆131Updated last year
- Repository of public reference frameworks for the DFIR community.☆116Updated last year
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆34Updated 2 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- Sigma Detection Rule Repository☆87Updated 4 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 3 years ago
- Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform au…☆14Updated 11 months ago
- ☆42Updated 2 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆125Updated 2 years ago
- These are open source rules that can be utilized with QRadar to detect various types of threats in the environment.☆54Updated 5 years ago
- Dump of organized knowledge on DFIR☆134Updated 3 years ago
- ☆42Updated 4 years ago
- DigitalShadows Alert Feeder for TheHive, an Open Source and Free Security Incident Response Platform☆36Updated 5 years ago
- A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.☆210Updated 3 weeks ago
- ☆54Updated 3 years ago
- ☆93Updated 2 years ago
- Security Monitoring Resolution Categories☆138Updated 3 years ago
- QRadar Export the rule set for printing☆22Updated 7 years ago
- Cybersecurity Incident Response Plan☆90Updated 4 years ago
- A Splunk app to use MISP in background☆110Updated last month
- This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR☆77Updated 3 years ago
- Splunk code (SPL) for serious threat hunters and detection engineers.☆276Updated last year