ocsf / ocsf-server

Related projects: ⓘ

• ocsf / ocsf-docs
  OCSF Documentation
  ☆114Updated this week
• SygniaLabs / Cirrus
  ☆60Updated 6 months ago
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆82Updated 8 months ago
• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆64Updated 4 months ago
• ocsf / governance
  ☆31Updated 5 months ago
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆58Updated 4 months ago
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆55Updated last year
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆112Updated 2 months ago
• center-for-threat-informed-defense / cloud-analytics
  Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…
  ☆51Updated last year
• PacktPublishing / Automating-Security-Detection-Engineering
  Automating Security Detection Engineering, published by Packt
  ☆42Updated 3 months ago
• anvilogic-forge / armory
  Anvilogic Forge
  ☆80Updated this week
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆142Updated 7 months ago
• CISecurity / ControlsAssessmentSpecification
  Controls Assessment Specification
  ☆65Updated 3 months ago
• tenable / EscalateGPT
  An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.
  ☆93Updated 2 months ago
• aws-samples / jupyter-notebook-for-incident-response
  A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide…
  ☆140Updated 10 months ago
• center-for-threat-informed-defense / mappings-explorer
  Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…
  ☆36Updated last month
• OTRF / GenAI-Security-Adventures
  ☆95Updated 3 months ago
• referefref / sinon
  Automation tool for Windows Deception Host Burn-In
  ☆71Updated 2 months ago
• CERN-CERT / pDNSSOC
  Leveraging MISP indicators via a pDNS-based infrastructure as a poor man’s SOC.
  ☆48Updated 2 weeks ago
• carta / krang
  Knowledge Report Alert & Normalization Generator
  ☆27Updated 6 months ago
• center-for-threat-informed-defense / attack-workbench-rest-api
  An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…
  ☆40Updated last week
• t0sche / cvss-bt
  Enriching the NVD CVSS scores to include Temporal & Threat Metrics
  ☆56Updated this week
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆128Updated 4 months ago
• CloudSecurityAlliance / gsd-tools
  Global Security Database Tools
  ☆41Updated 9 months ago
• primeharbor / breaches.cloud
  https://breaches.cloud
  ☆36Updated 2 months ago
• zmallen / cloudtrail2sightings
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆77Updated 2 years ago
• sckg / sckg
  Security Control Knowledge Graph
  ☆25Updated 4 months ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆40Updated 4 months ago
• CERTCC / SSVC
  Stakeholder-Specific Vulnerability Categorization
  ☆127Updated this week
• SAP / cloud-active-defense
  Add a layer of active defense to your cloud applications.
  ☆77Updated this week