infosecB / awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
☆980 · Updated last month
Alternatives and similar repositories for awesome-detection-engineering
Users that are interested in awesome-detection-engineering are comparing it to the libraries listed below
- Incident Response Methodologies 2022 ☆1,052 · Updated last month
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel… ☆649 · Updated last week
- A collection of sources of documentation, as well as field best practices, to build/run a SOC ☆1,401 · Updated 2 weeks ago
- A repository of curated datasets from various attacks ☆650 · Updated last week
- A knowledge base of actionable Incident Response techniques ☆637 · Updated 3 years ago
- Collection of Event ID resources useful for Digital Forensics and Incident Response ☆615 · Updated 11 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆908 · Updated last year
- Purple Team Exercise Framework ☆706 · Updated last year
- A concise, directive, specific, flexible, and free incident response plan template ☆709 · Updated last year
- Splunk Security Content ☆1,433 · Updated this week
- Cyber Incident Response Team Playbook Battle Cards ☆378 · Updated last year
- Detect Tactics, Techniques & Combat Threats ☆2,164 · Updated last week
- A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence ☆667 · Updated last month
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list. ☆865 · Updated 9 months ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). ☆731 · Updated 2 months ago
- SIEM Tactics, Techniques, and Procedures ☆629 · Updated 2 weeks ago
- A collection of resources for Threat Hunters ☆887 · Updated 7 months ago
- Hunting queries and detections ☆803 · Updated 4 months ago
- A framework for developing alerting and detection strategies for incident response. ☆749 · Updated 3 years ago
- Awesome Security lists for SOC/CERT/CTI ☆984 · Updated this week
- Awesome list of keywords and artifacts for Threat Hunting sessions ☆576 · Updated last month
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int… ☆2,292 · Updated this week
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. ☆576 · Updated 4 months ago
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept… ☆493 · Updated last year
- Practical Windows Forensics Training ☆665 · Updated last year
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… ☆682 · Updated 4 months ago
- This is a Project Designed for Security Analysts and all SOC audiences who want to play with implementation and explore the Modern SOC a… ☆672 · Updated 8 months ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … ☆278 · Updated last year
- Splunk Boss of the SOC version 3 dataset. ☆343 · Updated 4 years ago
- A curated list of Awesome Threat Intelligence Blogs ☆406 · Updated last week