Alternatives and similar repositories for examples

Users that are interested in examples are comparing it to the libraries listed below

• aws-samples / amazon-security-lake-ocsf-validation
  ☆33Updated 6 months ago
• panther-labs / panther-analysis
  Built-in Panther detection rules and policies
  ☆421Updated this week
• mitre / saf
  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…
  ☆162Updated last week
• ocsf / ocsf-docs
  OCSF Documentation
  ☆139Updated 3 months ago
• zmallen / cloudtrail2sightings
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆80Updated 3 years ago
• prowler-cloud / py-ocsf-models
  OCSF (https://schema.ocsf.io/) models in Python using Pydantic.
  ☆24Updated 2 weeks ago
• brexhq / substation
  Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.
  ☆384Updated last month
• shellcromancer / audit-log-wall-of-shame
  Audit log wall of shame.
  ☆42Updated last month
• hashicorp-forge / grove
  A Software as a Service (SaaS) log collection framework.
  ☆177Updated 3 weeks ago
• elastic / dorothy
  ☆187Updated this week
• ComplianceAsCode / auditree-framework
  The Auditree framework tool to run compliance control checks as unit tests.
  ☆71Updated last year
• panther-labs / panther_analysis_tool
  Command line tool for working with Panther rules and policies
  ☆42Updated this week
• twilio-labs / socless
  The SOCless automation framework
  ☆140Updated 7 months ago
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆163Updated 6 months ago
• Algbra-Labs-OSS / Chronicle
  ☆65Updated last year
• opensearch-project / security-analytics
  Security Analytics enables users for detecting security threats on their security event log data. It will also allow them to modify/tailo…
  ☆88Updated 2 weeks ago
• JupiterOne / starbase
  Graph-based security analysis for everyone
  ☆350Updated last year
• CrowdStrike / Cloud-AWS
  A collection of projects supporting AWS Integration
  ☆155Updated 2 weeks ago
• cisagov / shareable-soar-workflows
  This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…
  ☆88Updated 4 years ago
• runreveal / sigmalite
  ☆47Updated last week
• FoxIO-LLC / LogSlash
  A standard for reducing log volume without sacrificing analytical capability
  ☆209Updated 6 months ago
• chainguard-dev / osqtool
  Automated testing, generation & manipulation of #osquery packs
  ☆73Updated 11 months ago
• threat-punter / detection-as-code-example
  A POC to implement Detection-as-Code with Terraform and Sumo Logic.
  ☆29Updated 2 years ago
• SumoLogic / cloud-siem-content-catalog
  ☆26Updated last week
• DataDog / workload-security-evaluator
  Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.
  ☆32Updated 11 months ago
• aws-solutions-library-samples / automated-forensic-orchestrator-for-amazon-ec2
  Automated Forensics Orchestrator for Amazon EC2 and EKS is a self-service AWS Guidance implementation that enterprise customers can deplo…
  ☆65Updated 2 months ago
• splunk / contentctl
  Splunk Content Control Tool
  ☆118Updated this week
• JupiterOne / secops-automation-examples
  Examples on how to maintain security/compliance as code and to automate SecOps using the JupiterOne platform.
  ☆54Updated last year
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆81Updated last year
• CrowdStrike / detection-container
  ☆48Updated 3 weeks ago