An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
☆61Mar 12, 2022Updated 4 years ago
Alternatives and similar repositories for detection-as-code
Users that are interested in detection-as-code are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆32Jul 27, 2023Updated 2 years ago
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆1,208Jun 3, 2026Updated last week
- Threat Detection & Anomaly Detection rules for popular open-source components☆53Jul 27, 2022Updated 3 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆69Apr 29, 2024Updated 2 years ago
- Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)☆563Updated this week
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Some python scripts I wrote that help with various specialized AWS security things☆10Jan 15, 2020Updated 6 years ago
- ⚠️ ARCHIVED**: This repository is no longer actively maintained. All Sigma rules are now managed and available in SIEM Rules☆13Mar 19, 2026Updated 2 months ago
- This is a collection of threat detection rules / rules engines that I have come across.☆300May 5, 2024Updated 2 years ago
- Deliberately vulnerable AWS resources for security assessment demos☆32Aug 20, 2022Updated 3 years ago
- Resources To Learn And Understand SIGMA Rules☆185Feb 14, 2023Updated 3 years ago
- AWS CloudTrail CloudFormation template which creates KMS encryption keys, an encrypted S3 bucket, and enables CloudTrail☆14May 26, 2024Updated 2 years ago
- Configure AWS accounts for CloudTrail, Root Account Usage Monitor.☆13Aug 24, 2015Updated 10 years ago
- An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share th…☆13Feb 16, 2021Updated 5 years ago
- simple webapp for converting sigma rules into siem queries using the pySigma library☆50Sep 1, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- A list of questions that can be asked during an interview for a cloud architect position.☆11Nov 27, 2021Updated 4 years ago
- Collection of example YARA-L rules for use within Google Security Operations☆497May 26, 2026Updated 2 weeks ago
- ☆101Sep 16, 2022Updated 3 years ago
- Sigma Detection Rule Repository☆93Jun 18, 2020Updated 5 years ago
- Built-in Panther detection rules and policies☆452Updated this week
- Splunk Security Content☆1,638Updated this week
- Watch CloudTrail and send notifications of every action to an slack channel.☆13Jun 15, 2018Updated 7 years ago
- 🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.☆14May 22, 2024Updated 2 years ago
- ☆11Feb 9, 2023Updated 3 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Short deep dive into Threat Hunting on AWS☆19Oct 15, 2023Updated 2 years ago
- A BrainF*ck Inspired Shell Obfuscation Proof-of-Concept☆16Mar 11, 2024Updated 2 years ago
- This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…☆17Mar 10, 2023Updated 3 years ago
- Collection of Slides From My Conference Talks☆21Nov 21, 2022Updated 3 years ago
- Sigma rule specification☆194Apr 29, 2026Updated last month
- Automating Security Detection Engineering, published by Packt☆70Oct 12, 2024Updated last year
- AWS Cloudtrail event alerting lambda function. Send alerts to Slack, Email, or SNS.☆20Apr 13, 2023Updated 3 years ago
- Manage GuardDuty At Enterprise Scale☆22Sep 17, 2020Updated 5 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files.☆117Jan 22, 2026Updated 4 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- An AI-backed threat hunting assistant that aligns to the PEAK framework.☆43Jun 1, 2026Updated last week
- A repository of my own Sigma detection rules.☆165Nov 25, 2025Updated 6 months ago
- A repository of curated datasets from various attacks☆776Jun 3, 2026Updated last week
- Threat Hunting & Incident Investigation with Osquery☆219Mar 30, 2022Updated 4 years ago
- This is a python tool aiming to make using TheHive webhooks easier.☆28Oct 23, 2020Updated 5 years ago
- ☆18Feb 2, 2026Updated 4 months ago
- Automatic detection engineering technical state compliance☆55Jul 7, 2024Updated last year