jjfallete / resilient
Resilient Automation Functions and Scripts
☆15Updated 2 years ago
Related projects: ⓘ
- Source code for IBM SOAR Apps that are available on our App Exchange☆88Updated 3 weeks ago
- Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform au…☆12Updated 4 months ago
- These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM.☆46Updated 2 weeks ago
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.☆75Updated last month
- Python Library for the IBM SOAR REST API, a Python SDK for developing Apps for IBM SOAR and more...☆39Updated 2 months ago
- This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM☆16Updated 2 years ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆33Updated last year
- QRadar Export the rule set for printing☆21Updated 6 years ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆37Updated 2 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆72Updated 3 months ago
- A Splunk app to use MISP in background☆109Updated 9 months ago
- Converts Sigma detection rules to a Splunk alert configuration.☆105Updated 4 years ago
- TAXII client implementation from EclecticIQ☆97Updated 3 years ago
- ☆101Updated this week
- Example scripts and rules for use in Resilient playbooks.☆33Updated 9 months ago
- Library of functions to apply Data Science in several forensics artifacts☆37Updated last month
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆123Updated last year
- Developer documentation for Resilient APIs☆24Updated 3 months ago
- ☆131Updated 5 months ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆51Updated 2 years ago
- The FASTEST way to consume threat intel.☆62Updated last year
- ☆13Updated this week
- Collection of useful, up to date, Carbon Black Response Queries☆82Updated 3 years ago
- Sigma Detection Rule Repository☆84Updated 4 years ago
- Risk Based Alerting Supporting Add-On (SA) for Splunk☆44Updated 2 years ago
- Python library for the ArcSight logger REST API☆27Updated 2 years ago
- ☆48Updated 8 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆106Updated 4 years ago
- Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing☆104Updated 8 months ago
- Library of python scripts to apply Data Science in several forensics artifacts☆31Updated 4 years ago