infosecB / awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
☆996 · Updated 2 months ago
Alternatives and similar repositories for awesome-detection-engineering
Users interested in awesome-detection-engineering are comparing it to the repositories listed below.
- A collection of sources of documentation, as well as field best practices, to build/run a SOC ☆1,428 · Updated last week
- Incident Response Methodologies 2022 ☆1,057 · Updated 2 months ago
- Splunk Security Content ☆1,438 · Updated this week
- A repository of curated datasets from various attacks ☆655 · Updated last week
- A concise, directive, specific, flexible, and free incident response plan template ☆715 · Updated last year
- Purple Team Exercise Framework ☆715 · Updated last year
- SIEM Tactics, Techniques, and Procedures ☆637 · Updated last week
- Cyber Incident Response Team Playbook Battle Cards ☆380 · Updated last year
- A knowledge base of actionable Incident Response techniques ☆641 · Updated 3 years ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆913 · Updated last year
- Playbooks for SOC Analysts ☆528 · Updated 2 years ago
- A collection of resources for Threat Hunters ☆890 · Updated 8 months ago
- Collection of Event ID resources useful for Digital Forensics and Incident Response ☆617 · Updated last year
- Scripts and a (future) library to improve users' interactions with the ATT&CK content ☆585 · Updated last year
- This is a Project Designed for Security Analysts and all SOC audiences who want to play with implementation and explore the Modern SOC a… ☆677 · Updated 9 months ago
- Awesome Security lists for SOC/CERT/CTI ☆1,003 · Updated this week
- A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence ☆667 · Updated 2 months ago
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel… ☆656 · Updated 3 weeks ago
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… ☆689 · Updated 4 months ago
- A curated list of Awesome Threat Intelligence Blogs ☆422 · Updated last week
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept… ☆493 · Updated last year
- Awesome list of keywords and artifacts for Threat Hunting sessions ☆583 · Updated 2 months ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). ☆734 · Updated 3 months ago
- This project aims to compare and evaluate the telemetry of various EDR products. ☆1,810 · Updated 2 weeks ago
- A framework for developing alerting and detection strategies for incident response. ☆754 · Updated 3 years ago
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list. ☆871 · Updated 10 months ago
- Splunk Boss of the SOC version 3 dataset. ☆345 · Updated 5 years ago
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. ☆578 · Updated 5 months ago
- A Python module for working with ATT&CK ☆562 · Updated 2 weeks ago
- Actionable analytics designed to combat threats ☆989 · Updated 3 years ago