Alternatives and similar repositories for wazuh:

Users that are interested in wazuh are comparing it to the libraries listed below

• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆39Updated 10 months ago
• weslambert / securityonion-velociraptor
  Run Velociraptor on Security Onion
  ☆37Updated 2 years ago
• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 3 years ago
• juaromu / wazuh-domain-stats-alienvault
  ☆16Updated 3 years ago
• Loginsoft-LLC / threat-detection-rules
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆51Updated 2 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆55Updated 3 weeks ago
• juaromu / wazuh-misp
  ☆15Updated 2 years ago
• dariommr / scripts
  Personal scripts
  ☆13Updated 6 months ago
• sametsazak / sysmon
  Sysmon and wazuh integration with Sigma sysmon rules [updated]
  ☆64Updated 3 years ago
• cdefid / TheHiveIRPlaybook
  TheHiveIRPlaybook is a collection of TheHive case templates used for Incident Response
  ☆13Updated 4 years ago
• SanWieb / sigWah
  A Sigma to Wazuh / OSSEC converter including a generated Windows Sysmon ruleset
  ☆33Updated 4 years ago
• MISP / SkillAegis
  SkillAegis is a platform to design, run, and monitor exercise scenarios, enhancing skills in applications like MISP and training users in…
  ☆26Updated last week
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated last year
• Security-Onion-Solutions / securityonion-soc
  ☆52Updated this week
• Truvis / SplunkDashboards
  Collection of Dashboards for Threat Hunting and more!
  ☆65Updated 4 years ago
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆16Updated 2 months ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 3 months ago
• chaitanyakrishna / IOCScraper
  IOCPARSER.COM is a Fast and Reliable service that enables you to extract IOCs and intelligence from different data sources.
  ☆34Updated 3 years ago
• tropChaud / Cyber-Adversary-Heatmaps
  Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files.
  ☆34Updated 2 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆21Updated 2 years ago
• brianreitz / awesome-blueteam
  A list of resources to build a information security team.
  ☆13Updated 4 years ago
• ThreatLabz / iocs
  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
  ☆71Updated 4 months ago
• korniko98 / pivot-atlas
  ☆87Updated last month
• corelight / zeek2es
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆35Updated 2 years ago
• nobody-cares / Incident-Response-Plan
  Incident Response Plan for all major incidents including cheatsheets for both linux and windows
  ☆14Updated 4 years ago
• alwashmi / MasterParser
  MasterParser is a simple, all-in-one, digital forensics artifact parser
  ☆23Updated 3 years ago
• correlatedsecurity / SPEED-SIEM-Use-Case-Framework
  Repository for SPEED SIEM Use Case Framework
  ☆53Updated 4 years ago
• center-for-threat-informed-defense / sightings_ecosystem
  Sightings Ecosystem gives cyber defenders visibility into what adversaries actually do in the wild. With your help, we are tracking MITRE…
  ☆34Updated this week
• svch0stz / TheThreatHuntLibrary
  Library of threat hunts to get any user started!
  ☆42Updated 4 years ago