misje / opencti-wazuh-connectorLinks
OpenCTI–Wazuh connector looking for indicators in Wazuh and creating sightings
☆20Updated last year
Alternatives and similar repositories for opencti-wazuh-connector
Users that are interested in opencti-wazuh-connector are comparing it to the libraries listed below
Sorting:
- ☆39Updated 2 years ago
- ☆19Updated 3 years ago
- The official Prelude SIEM GitHub of https://www.prelude-siem.org☆33Updated 9 years ago
- Wazuh extension looking up alert data against indicators in OpenCTI threat intel☆22Updated last year
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆131Updated last year
- Wazuh integration TheHive☆39Updated 2 years ago
- Tools for Wazuh by Juan C. Tello☆15Updated 3 years ago
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆83Updated last month
- Personal scripts☆15Updated last year
- Convert Sigma rules to Wazuh rules☆73Updated 3 weeks ago
- ☆17Updated 3 years ago
- ☆19Updated 2 years ago
- Useful scripts for those administering Wazuh☆86Updated 2 weeks ago
- Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:☆116Updated 2 weeks ago
- Sysmon and wazuh integration with Sigma sysmon rules [updated]☆70Updated 4 years ago
- Convert Sigma rules to SIEM queries, directly in your browser.☆96Updated this week
- Automation tool for Windows Deception Host Burn-In☆86Updated 10 months ago
- Docker configurations for TheHive, Cortex and 3rd party tools☆126Updated 2 years ago
- Collection of tool you need to have in your Endpoint Detection and Response arsenal☆107Updated last year
- OpenCTI Docker deployment helpers☆206Updated this week
- An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.☆161Updated 7 months ago
- A highly available AWS deployment of the Threat Intelligence platform, OpenCTI using Terraform. Native AWS resources are used where feasi…☆36Updated 2 years ago
- ATT&CK Data Model (ADM): A TypeScript library for structured interaction with MITRE ATT&CK datasets. Uses Zod schemas, TypeScript types, …☆41Updated this week
- Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.☆51Updated 9 months ago
- Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch …☆167Updated last year
- ☆96Updated 2 months ago
- Osquery Packs we use for customer security hardening☆12Updated 3 months ago
- Security Onion + Automation + Response Lab including n8n and Velociraptor☆112Updated 3 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition☆66Updated 3 years ago
- Open-source Fabric templates for cybersecurity and compliance☆22Updated 8 months ago