nericksen / xsoar-md

Related projects ⓘ

Alternatives and complementary repositories for xsoar-md

• rkovar / splunk-hunting-helpers
  ☆55Updated 2 years ago
• PaloAltoNetworks / minemeld-misp
  MineMeld nodes for MISP
  ☆18Updated 9 months ago
• ncsa / bro-doctor
  ☆23Updated 4 years ago
• remg427 / misp42splunk
  A Splunk app to use MISP in background
  ☆109Updated 2 weeks ago
• rocknsm / rock-dashboards
  Dashboards and loader for ROCK NSM dashboards
  ☆47Updated last year
• P1llus / ArcSight-Rest
  Python library for the ArcSight logger REST API
  ☆27Updated 3 years ago
• CIRCL / pystemon
  Monitoring tool for PasteBin-alike sites written in Python. Inspired by pastemon http://github.com/xme/pastemon
  ☆43Updated 3 years ago
• Foundstone / InvestigationPlaybookSpec
  InvestigationPlaybookSpec
  ☆72Updated 7 years ago
• mohlcyber / MISP-STIX-ESM
  Exports MISP events to STIX and ingest into McAfee ESM
  ☆15Updated 4 years ago
• capesstack / capes
  Cyber Analytics Platform and Examination System (CAPES) Project Page
  ☆60Updated 5 years ago
• da667 / AutoMISP
  automate your MISP installs
  ☆66Updated 4 years ago
• Neo23x0 / ti-falsepositives
  A collection of typical false positive indicators
  ☆54Updated 3 years ago
• vmware-archive / cb-reporting
  Report Generation from the Carbon Black REST API
  ☆15Updated 2 years ago
• 0xtf / testmynids.org
  A website and framework for testing NIDS detection
  ☆56Updated 3 years ago
• PaloAltoNetworks / minemeld-ansible
  Ansible playbook for installing MineMeld on Linux
  ☆48Updated 3 years ago
• spitfire55 / MegaDev
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Updated 6 years ago
• juju4 / ansible-MISP
  ansible role to setup MISP, Malware Information Sharing Platform & Threat Sharing
  ☆52Updated this week
• defensivedepth / Pertinax
  Integrating Sysinternals Autoruns’ logs into Security Onion
  ☆31Updated 8 months ago
• Benster900 / ThreatWaffle
  Threat hunting repo for my independent study on threat hunting with OSQuery
  ☆28Updated 6 years ago
• MISP / misp-packer
  Build Automated Machine Images for MISP
  ☆28Updated last year
• socprime / soc_workflow_app_ce
  SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…
  ☆92Updated 2 years ago
• olafhartong / TA-Sysmon-deploy
  Deploy and maintain Symon through the Splunk Deployment Sever
  ☆31Updated 4 years ago
• MISP / mail_to_misp
  Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.
  ☆69Updated last year
• Soinull / assimilate
  Assimilate is a series of scripts for using the Naïve Bayes algorithm to find potential malicious activity in HTTP headers
  ☆90Updated 7 years ago
• pierrebarlet / qradar2thehive
  Scripts for TheHive.
  ☆22Updated 4 years ago
• eCrimeLabs / MISP2CbR
  Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.
  ☆19Updated 2 years ago
• PaloAltoNetworks / minemeld-webui
  WebUI of MineMeld
  ☆43Updated last year