martinsohn / CIS-Controls
☆14, updated last year
Related projects:
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents (☆37, updated 4 months ago)
- Intelligence around common attacker behaviors (MITRE ATT&CK TTPs), in the form of ATT&CK Navigator "layer" json files. (☆34, updated 2 years ago)
- ☆28, updated 3 years ago
- A tool that allows you to document and assess any security automation in your SOC (☆40, updated 4 months ago)
- ☆42, updated 3 months ago
- Sigma detection rules for hunting with the threathunting-keywords project (☆47, updated 2 weeks ago)
- My Jupyter Notebooks (☆36, updated 5 months ago)
- Repository for SPEED SIEM Use Case Framework (☆52, updated 4 years ago)
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics (☆56, updated this week)
- Azure function to insert MISP data into Azure Sentinel (☆30, updated last year)
- ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v… (☆15, updated 4 months ago)
- The ultimate solution for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform. (☆21, updated 3 weeks ago)
- Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe Generale (☆23, updated 2 years ago)
- A library of reference materials, tools, and other resources to aid threat profiling, threat quantification, and cyber adversary defense (☆68, updated 9 months ago)
- Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States… (☆47, updated last week)
- Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise" (☆50, updated 2 years ago)
- Slides of my public talks (☆46, updated 9 months ago)
- Repo for Automations and other solutions for Elastic SIEM/Security. (☆17, updated 3 years ago)
- ☆17, updated this week
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique (☆64, updated 6 months ago)
- MITRE Shield website (☆18, updated 2 years ago)
- The Intelligent Process Lifecycle of Active Cyber Defenders (☆31, updated last year)
- Send High & New Incidents to The Hive incident management platform (☆17, updated 3 years ago)
- Incident Response Playbooks (☆14, updated 5 years ago)
- ☆15, updated 3 weeks ago
- ☆17, updated 3 years ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we… (☆51, updated last year)
- RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid… (☆36, updated 2 years ago)
- A collection of tips for using MISP. (☆74, updated 5 months ago)
- my MSTICpy practice and custom tools repository (☆11, updated 7 months ago)