Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
☆1,231 · Jun 18, 2026 · Updated 2 weeks ago
Alternatives and similar repositories for awesome-detection-engineering
Users that are interested in awesome-detection-engineering are comparing it to the libraries listed below.
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … (☆295 · Feb 5, 2024 · Updated 2 years ago)
- ✨ A curated list of awesome threat detection and hunting resources 🕵️♂️ (☆4,656 · Jan 5, 2026 · Updated 5 months ago)
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk. (☆61 · Mar 12, 2022 · Updated 4 years ago)
- Splunk Security Content (☆1,646 · Jun 26, 2026 · Updated last week)
- A framework for developing alerting and detection strategies for incident response. (☆883 · Sep 8, 2025 · Updated 9 months ago)
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). (☆814 · Jan 14, 2026 · Updated 5 months ago)
- A repository of my own Sigma detection rules. (☆165 · Nov 25, 2025 · Updated 7 months ago)
- (☆2,632 · Updated this week)
- KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunt… (☆1,713 · Jun 22, 2026 · Updated last week)
- Main Sigma Rule Repository (☆10,665 · Jun 24, 2026 · Updated last week)
- This is a collection of threat detection rules / rules engines that I have come across. (☆300 · May 5, 2024 · Updated 2 years ago)
- Detect Tactics, Techniques & Combat Threats (☆2,303 · Jun 2, 2026 · Updated last month)
- Granular, Actionable Adversary Emulation for the Cloud (☆2,349 · Jun 16, 2026 · Updated 2 weeks ago)
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int… (☆2,509 · Updated this week)
- (☆102 · Sep 16, 2022 · Updated 3 years ago)
- A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e… (☆4,598 · Jan 12, 2026 · Updated 5 months ago)
- A repository of curated datasets from various attacks (☆783 · Updated this week)
- Built-in Panther detection rules and policies (☆455 · Jun 26, 2026 · Updated last week)
- Threatest is a CLI and Go framework for end-to-end testing threat detection rules. (☆343 · Jun 19, 2026 · Updated 2 weeks ago)
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise (☆69 · Updated this week)
- Mapping of open-source detection rules and atomic tests. (☆213 · Feb 16, 2026 · Updated 4 months ago)
- Collection of example YARA-L rules for use within Google Security Operations (☆503 · Jun 10, 2026 · Updated 3 weeks ago)
- This project aims to compare and evaluate the telemetry of various EDR products. (☆1,969 · Jun 20, 2026 · Updated 2 weeks ago)
- Resources To Learn And Understand SIGMA Rules (☆187 · Feb 14, 2023 · Updated 3 years ago)
- Awesome list of keywords and artifacts for Threat Hunting sessions (☆662 · Aug 4, 2025 · Updated 11 months ago)
- Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS (☆1,677 · Jan 8, 2025 · Updated last year)
- Pocket guide for core detection engineering concepts (☆31 · May 8, 2023 · Updated 3 years ago)
- A curated knowledge base to build, run and mature a SOC (including CSIRT). (☆1,759 · Jun 9, 2026 · Updated 3 weeks ago)
- Collection of Event ID resources useful for Digital Forensics and Incident Response (☆659 · Jun 19, 2024 · Updated 2 years ago)
- Anvilogic Forge (☆119 · Mar 31, 2026 · Updated 3 months ago)
- A curated list of resources about detecting threats and defending Kubernetes systems. (☆408 · Sep 2, 2023 · Updated 2 years ago)
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) (☆224 · Sep 4, 2024 · Updated last year)
- Living Off the Orchard: macOS Binaries (LOOBins) is designed to provide detailed information on various built-in "living off the land" ma… (☆538 · Jun 4, 2026 · Updated last month)
- An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs. (☆2,129 · May 28, 2025 · Updated last year)
- Hunting queries and detections (☆914 · May 7, 2026 · Updated last month)
- Automate the creation of a lab environment complete with security tooling and logging best practices (☆4,984 · Jul 6, 2024 · Updated last year)
- Awesome Security lists for SOC/CERT/CTI (☆1,675 · Jun 26, 2026 · Updated last week)
- A curated list of tools for incident response (☆9,127 · May 6, 2026 · Updated last month)
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel… (☆750 · Jun 18, 2026 · Updated 2 weeks ago)