mitre / saf
The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools developed by MITRE and the security community to streamline security automation for systems and DevOps pipelines.
☆141Updated this week
Alternatives and similar repositories for saf:
Users that are interested in saf are comparing it to the libraries listed below
- Heimdall Enterprise Server 2 lets you view, store, and compare automated security control scan results.☆212Updated this week
- A web application to streamline the development of STIGs from SRGs☆69Updated 3 weeks ago
- Controls Assessment Specification☆69Updated 8 months ago
- These are files that a new CISO or someone introducing security to an organization can leverage to bridge the gap between security and th…☆71Updated 3 months ago
- CISA's space for collaboration on the Cybersecurity Performance Goals.☆72Updated 2 months ago
- OCSF Documentation☆122Updated last month
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆121Updated 6 months ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.☆51Updated 2 years ago
- Documentation on the OpenRMF application, including scripts to run the whole stack as well as just infrastructure with documentation on u…☆132Updated 3 weeks ago
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…☆51Updated this week
- 🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…☆379Updated 10 months ago
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆142Updated 5 months ago
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆337Updated this week
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆44Updated last week
- Cyber Incident Response Team Playbook Battle Cards☆370Updated 9 months ago
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆268Updated last year
- Anvilogic Forge☆93Updated last week
- Search a filesystem for indicators of compromise (IoC).☆69Updated this week
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆91Updated last year
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques☆131Updated 11 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.☆65Updated 9 months ago
- Security Control Knowledge Graph☆27Updated 9 months ago
- Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques t…☆116Updated 6 months ago
- The Infosec Community Definitive Guide to Jupyter Notebooks☆121Updated 4 years ago
- Synthetic Adversarial Log Objects: A Framework for synthetic log generation☆78Updated last year
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆156Updated 2 weeks ago
- NIST CyberSecurity Framework management tool☆160Updated 3 years ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…☆52Updated last year
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.)☆167Updated 5 months ago