jjfallete / resilient
Resilient Automation Functions and Scripts
☆15Updated 3 years ago
Alternatives and similar repositories for resilient:
Users that are interested in resilient are comparing it to the libraries listed below
- Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform au…☆14Updated 11 months ago
- Source code for IBM SOAR Apps that are available on our App Exchange☆92Updated this week
- These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM.☆50Updated last week
- QRadar Export the rule set for printing☆22Updated 7 years ago
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.☆82Updated 3 weeks ago
- Python Library for the IBM SOAR REST API, a Python SDK for developing Apps for IBM SOAR and more...☆41Updated last month
- Example scripts and rules for use in Resilient playbooks.☆34Updated last year
- Developer documentation for Resilient APIs☆24Updated 3 months ago
- Carbon Black Feeds☆72Updated 2 years ago
- Download a list of suspected malicious IPs and Domains. Create a QRadar Reference Set. Search Your Environment For Malicious IPs☆68Updated 3 years ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆34Updated 2 years ago
- Risk Based Alerting Supporting Add-On (SA) for Splunk☆45Updated 3 years ago
- A Splunk app to use MISP in background☆110Updated last month
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆39Updated 2 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆72Updated 10 months ago
- This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM☆16Updated 5 months ago
- Samples of visualization add-ons to QRadar, utilizing public REST APIs☆34Updated 8 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆125Updated 2 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆111Updated 4 years ago
- ☆131Updated last year
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆54Updated 4 years ago
- Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.☆73Updated 11 months ago
- Sunburst IOCs for Splunk Ingest☆18Updated 4 years ago
- Using QRadar API☆20Updated 7 years ago
- TAXII client implementation from EclecticIQ☆99Updated 3 years ago
- Monitor device events using QRadar☆22Updated 2 years ago
- Sigma Detection Rule Repository☆87Updated 4 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆105Updated last year
- A Splunk app with saved reports derived from Sigma rules☆73Updated 7 years ago