jjfallete / resilient
Resilient Automation Functions and Scripts
☆15Updated 3 years ago
Alternatives and similar repositories for resilient:
Users that are interested in resilient are comparing it to the libraries listed below
- Playbooks designed for IBM SOAR developed by The IR Gurus. These playbooks can be used to demonstrate how to design playbooks, perform au…☆14Updated 11 months ago
- Source code for IBM SOAR Apps that are available on our App Exchange☆92Updated this week
- These workflows are provided for sample usage, new submissions and updates from the community, and are NOT supported by IBM.☆50Updated 2 months ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆34Updated last year
- A Splunk app to use MISP in background☆110Updated 3 weeks ago
- QRadar Export the rule set for printing☆22Updated 7 years ago
- Unofficial third-party scripts, playbooks, and content for IBM QRadar & QRadar Community Edition.☆80Updated 7 months ago
- This repository bundles various utilities and scripts I built for use with IBM QRadar SIEM☆16Updated 4 months ago
- Carbon Black Feeds☆72Updated 2 years ago
- Command line interface to Carbon Black Response☆38Updated 4 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆71Updated 9 months ago
- CB API scripts for IR, administration, etc.☆32Updated 5 years ago
- Library of functions to apply Data Science in several forensics artifacts☆37Updated 7 months ago
- Collection of useful, up to date, Carbon Black Response Queries☆83Updated 4 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆110Updated 4 years ago
- Splunk Searches and Dashboards for DNS Threat Hunting☆10Updated 7 years ago
- Mark Baggett's (@MarkBaggett - GSE #15, SANS SEC573 Author) tool for detecting randomness using NLP techniques rather than pure entropy c…☆125Updated 2 years ago
- Python Library for the IBM SOAR REST API, a Python SDK for developing Apps for IBM SOAR and more...☆41Updated 3 weeks ago
- Salt States for Configuring the SIFT Workstation☆100Updated 2 weeks ago
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆39Updated 2 years ago
- Library of python scripts to apply Data Science in several forensics artifacts☆31Updated 4 years ago
- Example scripts and rules for use in Resilient playbooks.☆34Updated last year
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆37Updated 2 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- ☆42Updated 4 years ago
- Developer documentation for Resilient APIs☆24Updated 2 months ago
- Sigma Detection Rule Repository☆87Updated 4 years ago
- Splunk Boss of the SOC v1 data set.☆111Updated 6 years ago
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆54Updated 4 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago