jorritfolmer / TA-dmarc
Add-on for ingesting DMARC aggregate reports into Splunk
☆15Updated 2 years ago
Alternatives and similar repositories for TA-dmarc:
Users that are interested in TA-dmarc are comparing it to the libraries listed below
- scripts to configure the Splunk Universal Forwarder in a locked down state☆40Updated 6 years ago
- ☆55Updated 3 years ago
- Risk Based Alerting Supporting Add-On (SA) for Splunk☆45Updated 3 years ago
- Sysmon Splunk App☆46Updated 6 years ago
- Splunk csv to KVStore ES Threat Intel☆11Updated 8 years ago
- Carbon Black Feeds☆72Updated 2 years ago
- Cisco eStreamer client☆24Updated 2 years ago
- ☆14Updated 8 years ago
- ☆19Updated 3 years ago
- Allows to pull asset and identity data into Splunk app for Enterprise Security from LDAP and other sources☆27Updated 7 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Splunk app for visualization of DMARC RUA mails☆14Updated last year
- A Splunk app to use MISP in background☆110Updated last month
- Connector for pulling and converting STIX information from TAXII Service Providers into CB Feeds.☆15Updated 2 years ago
- Sunburst IOCs for Splunk Ingest☆18Updated 4 years ago
- Command line interface to Carbon Black Response☆38Updated 4 years ago
- Powering Up Incident Response with Power-Response☆63Updated 5 years ago
- Allows for MAC address to vendor mapping in Splunk☆16Updated last year
- A set of Splunk workflow action definitions to export field values to CyberChef for further analysis.☆12Updated 7 years ago
- Deploy and maintain Symon through the Splunk Deployment Sever☆31Updated 4 years ago
- Expert Investigation Guides☆51Updated 4 years ago
- Volatility plugins developed and maintained by the community☆21Updated 7 months ago
- A Splunk app with saved reports derived from Sigma rules☆73Updated 7 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆111Updated 4 years ago
- This repo represents work the Phantom Community collaborates on to build apps and learn.☆12Updated 3 years ago
- CB API scripts for IR, administration, etc.☆32Updated 5 years ago
- ☆39Updated 5 years ago
- Actionable analytics designed to combat threats based on MITRE's ATT&CK.☆22Updated 5 years ago
- ☆54Updated 3 years ago
- Subscribe to raw VMware Carbon Black EDR event feed and forward to another system, such as Splunk.☆73Updated 11 months ago