infosecB / awesome-detection-engineering
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
☆927 · Updated last month
Alternatives and similar repositories for awesome-detection-engineering:
Users that are interested in awesome-detection-engineering are comparing it to the libraries listed below
- A knowledge base of actionable Incident Response techniques ☆628 · Updated 2 years ago
- Incident Response Methodologies 2022 ☆1,031 · Updated last year
- A collection of papers, blogs, and resources that make up the quintessential aspects of cyber threat intelligence ☆645 · Updated 4 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders ☆792 · Updated last year
- Collection of Event ID resources useful for Digital Forensics and Incident Response ☆601 · Updated 8 months ago
- A collection of sources of documentation, as well as field best practices, to build/run a SOC ☆1,326 · Updated this week
- A repository of curated datasets from various attacks ☆620 · Updated this week
- Cyber Incident Response Team Playbook Battle Cards ☆370 · Updated 9 months ago
- SIEM Tactics, Techniques, and Procedures ☆612 · Updated last week
- Splunk Security Content ☆1,349 · Updated this week
- A concise, directive, specific, flexible, and free incident response plan template ☆674 · Updated 9 months ago
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel… ☆584 · Updated last month
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL (Kusto Query Language). ☆705 · Updated 2 months ago
- Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen. ☆640 · Updated last year
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept… ☆488 · Updated 10 months ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The … ☆269 · Updated last year
- Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases. ☆550 · Updated last month
- Awesome Security lists for SOC/CERT/CTI ☆843 · Updated this week
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list. ☆841 · Updated 5 months ago
- GOAL: Incident Response Playbooks Mapped to MITRE ATT&CK Tactics and Techniques. [Contributors Friendly] ☆1,434 · Updated 6 months ago
- This is a Project Designed for Security Analysts and all SOC audiences who want to play with implementation and explore the Modern SOC a… ☆652 · Updated 4 months ago
- Purple Team Exercise Framework ☆675 · Updated last year
- A curated list of annual cyber security reports ☆450 · Updated this week
- Detect Tactics, Techniques & Combat Threats ☆2,116 · Updated 3 weeks ago
- This repository contains Open Source freely usable Threat Intel feeds that can be used without additional requirements. Contains multiple… ☆637 · Updated 3 weeks ago
- Scripts and a (future) library to improve users' interactions with the ATT&CK content ☆585 · Updated last year
- Awesome list of keywords and artifacts for Threat Hunting sessions ☆522 · Updated this week
- A collection of resources for Threat Hunters ☆874 · Updated 4 months ago
- Hunting queries and detections ☆760 · Updated last month
- Collection of awesome resources on intelligence writing, including manuals/guides, standards, books, trainings, articles, videos, etc. ☆532 · Updated 6 months ago