infosecB / awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
☆970 · Updated 3 weeks ago
Alternatives and similar repositories for awesome-detection-engineering
Users that are interested in awesome-detection-engineering are comparing it to the libraries listed below
- A repository of curated datasets from various attacks (☆648, updated this week)
- A knowledge base of actionable Incident Response techniques (☆636, updated 2 years ago)
- Incident Response Methodologies 2022 (☆1,048, updated last month)
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list (☆865, updated 8 months ago)
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel… (☆607, updated this week)
- SIEM Tactics, Techniques, and Procedures (☆626, updated last week)
- Re-play Security Events (☆1,641, updated last year)
- Cyber Incident Response Team Playbook Battle Cards (☆376, updated last year)
- A collection of resources for Threat Hunters (☆881, updated 7 months ago)
- Detect Tactics, Techniques & Combat Threats (☆2,155, updated last week)
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders (☆903, updated last year)
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… (☆672, updated 3 months ago)
- A collection of sources of documentation, as well as field best practices, to build/run a SOC (☆1,391, updated 2 weeks ago)
- Collection of Event ID resources useful for Digital Forensics and Incident Response (☆615, updated 10 months ago)
- A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence (☆658, updated 3 weeks ago)
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language) (☆727, updated 2 months ago)
- Open Source Security Events Metadata (OSSEM) (☆1,266, updated 2 years ago)
- A framework for developing alerting and detection strategies for incident response (☆737, updated 3 years ago)
- A concise, directive, specific, flexible, and free incident response plan template (☆704, updated last year)
- Purple Team Exercise Framework (☆700, updated last year)
- Awesome list of keywords and artifacts for Threat Hunting sessions (☆569, updated 3 weeks ago)
- A Python module for working with ATT&CK (☆544, updated last week)
- Hunting queries and detections (☆796, updated 3 months ago)
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases (☆567, updated 4 months ago)
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center's Mappings Explorer project. See README below. This repository is kept… (☆492, updated last year)
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts (☆1,156, updated last year)
- This project aims to compare and evaluate the telemetry of various EDR products (☆1,795, updated last week)
- Splunk Security Content (☆1,416, updated this week)
- Actionable analytics designed to combat threats (☆982, updated 2 years ago)
- Splunk Boss of the SOC version 3 dataset (☆340, updated 4 years ago)