An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
☆61Mar 12, 2022Updated 4 years ago
Alternatives and similar repositories for detection-as-code
Users that are interested in detection-as-code are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆31Jul 27, 2023Updated 2 years ago
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆1,175Apr 1, 2026Updated 3 weeks ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆53Jul 27, 2022Updated 3 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆69Apr 29, 2024Updated 2 years ago
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆546Apr 21, 2026Updated last week
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Some python scripts I wrote that help with various specialized AWS security things☆10Jan 15, 2020Updated 6 years ago
- ⚠️ ARCHIVED**: This repository is no longer actively maintained. All Sigma rules are now managed and available in SIEM Rules☆12Mar 19, 2026Updated last month
- This is a collection of threat detection rules / rules engines that I have come across.☆298May 5, 2024Updated last year
- Deliberately vulnerable AWS resources for security assessment demos☆32Aug 20, 2022Updated 3 years ago
- Resources To Learn And Understand SIGMA Rules☆185Feb 14, 2023Updated 3 years ago
- AWS CloudTrail CloudFormation template which creates KMS encryption keys, an encrypted S3 bucket, and enables CloudTrail☆14May 26, 2024Updated last year
- Configure AWS accounts for CloudTrail, Root Account Usage Monitor.☆13Aug 24, 2015Updated 10 years ago
- An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…☆14Feb 16, 2021Updated 5 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆50Sep 1, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A list of questions that can be asked during an interview for a cloud architect position.☆11Nov 27, 2021Updated 4 years ago
- Collection of example YARA-L rules for use within Google Security Operations☆488Apr 20, 2026Updated last week
- ☆99Sep 16, 2022Updated 3 years ago
- Sigma Detection Rule Repository☆93Jun 18, 2020Updated 5 years ago
- Built-in Panther detection rules and policies☆447Apr 23, 2026Updated last week
- Splunk Security Content☆1,615Updated this week
- Watch CloudTrail and send notifications of every action to an slack channel.☆13Jun 15, 2018Updated 7 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- Short deep dive into Threat Hunting on AWS☆19Oct 15, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆11Feb 9, 2023Updated 3 years ago
- A BrainF*ck Inspired Shell Obfuscation Proof-of-Concept☆16Mar 11, 2024Updated 2 years ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆17Mar 10, 2023Updated 3 years ago
- Collection of Slides From My Conference Talks☆20Nov 21, 2022Updated 3 years ago
- Sigma rule specification☆186Feb 5, 2026Updated 2 months ago
- Automating Security Detection Engineering, published by Packt☆68Oct 12, 2024Updated last year
- AWS Cloudtrail event alerting lambda function. Send alerts to Slack, Email, or SNS.☆20Apr 13, 2023Updated 3 years ago
- Manage GuardDuty At Enterprise Scale☆22Sep 17, 2020Updated 5 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆117Jan 22, 2026Updated 3 months ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- An AI-backed threat hunting assistant that aligns to the PEAK framework.☆41Updated this week
- A repository of my own Sigma detection rules.☆165Nov 25, 2025Updated 5 months ago
- A repository of curated datasets from various attacks☆764Updated this week
- Threat Hunting & Incident Investigation with Osquery☆217Mar 30, 2022Updated 4 years ago
- This is a python tool aiming to make using TheHive webhooks easier.☆28Oct 23, 2020Updated 5 years ago
- ☆18Feb 2, 2026Updated 2 months ago
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year