An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
☆60Mar 12, 2022Updated 4 years ago
Alternatives and similar repositories for detection-as-code
Users that are interested in detection-as-code are comparing it to the libraries listed below
Sorting:
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆31Jul 27, 2023Updated 2 years ago
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆1,151Dec 19, 2025Updated 3 months ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆68Apr 29, 2024Updated last year
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆535Mar 14, 2026Updated last week
- Some python scripts I wrote that help with various specialized AWS security things☆10Jan 15, 2020Updated 6 years ago
- ⚠️ ARCHIVED**: This repository is no longer actively maintained. All Sigma rules are now managed and available in SIEM Rules☆12Updated this week
- This is a collection of threat detection rules / rules engines that I have come across.☆297May 5, 2024Updated last year
- Deliberately vulnerable AWS resources for security assessment demos☆32Aug 20, 2022Updated 3 years ago
- Resources To Learn And Understand SIGMA Rules☆183Feb 14, 2023Updated 3 years ago
- AWS CloudTrail CloudFormation template which creates KMS encryption keys, an encrypted S3 bucket, and enables CloudTrail☆14May 26, 2024Updated last year
- Configure AWS accounts for CloudTrail, Root Account Usage Monitor.☆13Aug 24, 2015Updated 10 years ago
- An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…☆14Feb 16, 2021Updated 5 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆50Sep 1, 2023Updated 2 years ago
- Collection of example YARA-L rules for use within Google Security Operations☆477Dec 5, 2025Updated 3 months ago
- A list of questions that can be asked during an interview for a cloud architect position.☆11Nov 27, 2021Updated 4 years ago
- ☆99Sep 16, 2022Updated 3 years ago
- Sigma Detection Rule Repository☆92Jun 18, 2020Updated 5 years ago
- Built-in Panther detection rules and policies☆441Mar 13, 2026Updated last week
- Splunk Security Content☆1,584Mar 14, 2026Updated last week
- Watch CloudTrail and send notifications of every action to an slack channel.☆13Jun 15, 2018Updated 7 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated last year
- Short deep dive into Threat Hunting on AWS☆18Oct 15, 2023Updated 2 years ago
- ☆11Feb 9, 2023Updated 3 years ago
- A BrainF*ck Inspired Shell Obfuscation Proof-of-Concept☆16Mar 11, 2024Updated 2 years ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆18Mar 10, 2023Updated 3 years ago
- Collection of Slides From My Conference Talks☆20Nov 21, 2022Updated 3 years ago
- Sigma rule specification☆174Feb 5, 2026Updated last month
- Automating Security Detection Engineering, published by Packt☆67Oct 12, 2024Updated last year
- AWS Cloudtrail event alerting lambda function. Send alerts to Slack, Email, or SNS.☆20Apr 13, 2023Updated 2 years ago
- Manage GuardDuty At Enterprise Scale☆22Sep 17, 2020Updated 5 years ago
- A framework and taxonomy for identifying, classifying, and reasoning about detection logic bugs in SIEM, EDR, and XDR rules, with concret…☆42Mar 5, 2026Updated 2 weeks ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆118Jan 22, 2026Updated last month
- A repository of my own Sigma detection rules.☆163Nov 25, 2025Updated 3 months ago
- A repository of curated datasets from various attacks☆746Updated this week
- Threat Hunting & Incident Investigation with Osquery☆216Mar 30, 2022Updated 3 years ago
- ☆18Feb 2, 2026Updated last month
- This is a python tool aiming to make using TheHive webhooks easier.☆28Oct 23, 2020Updated 5 years ago
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year
- ☆15Jul 20, 2022Updated 3 years ago