ibmresilient / resilient-scripts
Example scripts and rules for use in Resilient playbooks.
☆33Updated 9 months ago
Related projects: ⓘ
- Python Library for the IBM SOAR REST API, a Python SDK for developing Apps for IBM SOAR and more...☆39Updated 2 months ago
- Developer documentation for Resilient APIs☆24Updated 3 months ago
- Source code for IBM SOAR Apps that are available on our App Exchange☆88Updated 3 weeks ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆33Updated last year
- Quick SOC L1 ticket structure☆35Updated 5 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆106Updated 4 years ago
- Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform au…☆12Updated 4 months ago
- ☆101Updated this week
- ☆21Updated this week
- Repository of public reference frameworks for the DFIR community.☆105Updated last year
- Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General☆23Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- ☆83Updated 2 years ago
- SPL cheatsheet for Splunk.☆20Updated last year
- QRadar Export the rule set for printing☆21Updated 6 years ago
- This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR☆73Updated 2 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆37Updated 2 years ago
- ☆131Updated 5 months ago
- ☆41Updated 3 years ago
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.☆75Updated last month
- ☆40Updated last year
- Cybersecurity Incident Response Plan☆86Updated 3 years ago
- ☆118Updated 2 years ago
- This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/Enterprise…☆95Updated 4 years ago
- Scripts to facilitate filtering with Plaso☆124Updated 4 years ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆139Updated last year
- Reflex SOAR☆12Updated 2 years ago
- Resources for SANS CTI Summit 2021 presentation☆102Updated 10 months ago
- ☆113Updated 7 months ago
- Creating a resource to help build and manage an Insider Threat program.☆61Updated 5 months ago