juaromu / wazuh-openctiLinks
☆39Updated 2 years ago
Alternatives and similar repositories for wazuh-opencti
Users that are interested in wazuh-opencti are comparing it to the libraries listed below
Sorting:
- ☆19Updated 2 years ago
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service☆30Updated last year
- Personal scripts☆15Updated last year
- Convert Sigma rules to Wazuh rules☆73Updated last month
- MISP Playbooks☆215Updated last week
- Wazuh integration TheHive☆39Updated 2 years ago
- ☆32Updated 3 years ago
- Useful scripts for those administering Wazuh☆87Updated last month
- The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp…☆31Updated 3 weeks ago
- Wazuh extension looking up alert data against indicators in OpenCTI threat intel☆22Updated last year
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆112Updated 3 years ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor…☆268Updated 7 months ago
- Docker configurations for TheHive, Cortex and 3rd party tools☆126Updated 2 years ago
- Cybersecurity Incident Response Plan☆108Updated 5 years ago
- Practical Threat Detection Engineering, Published by Packt☆76Updated 2 years ago
- Run Velociraptor on Security Onion☆40Updated 3 years ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆70Updated 4 years ago
- ☆45Updated 2 years ago
- A collection of various SIEM rules relating to malware family groups.☆70Updated last year
- This repository contains Splunk queries to hunt some anomalies☆44Updated 3 years ago
- These are open source rules that can be utilized with QRadar to detect various types of threats in the environment.☆56Updated 6 years ago
- A list of Splunk queries that I've collected and used over time.☆86Updated 4 years ago
- Tools for simulating threats☆193Updated last year
- Creating a resource to help build and manage an Insider Threat program.☆99Updated 8 months ago
- Automating Security Detection Engineering, published by Packt☆63Updated last year
- A production ready Dockered MISP☆288Updated this week
- A curated repository of incident response playbooks☆103Updated 2 years ago
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense☆101Updated last year
- MISP to Sentinel integration☆74Updated 3 weeks ago
- ☆94Updated 2 months ago