Alternatives and similar repositories for ocsf-server:

Users that are interested in ocsf-server are comparing it to the libraries listed below

• ocsf / ocsf-docs
  OCSF Documentation
  ☆129Updated this week
• runreveal / sigmalite
  ☆43Updated last month
• SygniaLabs / Mirage
  ☆73Updated last month
• FoxIO-LLC / LogSlash
  A standard for reducing log volume without sacrificing analytical capability
  ☆204Updated 2 months ago
• Nextdoor / cspm_evaluation_matrix
  Nextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix
  ☆58Updated last year
• SAP / cloud-active-defense
  Add a layer of active defense to your cloud applications.
  ☆92Updated last week
• vectra-ai-research / derf
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆94Updated last year
• carta / krang
  Knowledge Report Alert & Normalization Generator
  ☆27Updated last year
• aws-samples / jupyter-notebook-for-incident-response
  A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incide…
  ☆147Updated last year
• ocsf / governance
  ☆32Updated 5 months ago
• center-for-threat-informed-defense / cloud-analytics
  Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…
  ☆53Updated 2 years ago
• ocsf / examples
  This repo contains example of raw event examples and possible translations to the OCSF schema.
  ☆38Updated 2 weeks ago
• invictus-ir / aws-cheatsheet
  A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering.
  ☆73Updated last year
• anvilogic-forge / armory
  Anvilogic Forge
  ☆103Updated this week
• Permiso-io-tools / CloudGrappler
  ☆259Updated 5 months ago
• zmallen / cloudtrail2sightings
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆80Updated 2 years ago
• theparanoids / PrioritizedRiskRemediation
  A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).
  ☆75Updated last year
• PaloAltoNetworks / cobra-tool
  Cloud Offensive Breach and Risk Assessment (COBRA) Tool
  ☆92Updated 2 months ago
• SecurityRunners / CloudCommotion
  Cloud Commotion intends to cause chaos to simulate security incidents
  ☆143Updated 10 months ago
• DataDog / HASH
  HASH (HTTP Agnostic Software Honeypot)
  ☆140Updated last year
• shellcromancer / audit-log-wall-of-shame
  Audit log wall of shame.
  ☆41Updated 6 months ago
• tenable / EscalateGPT
  An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.
  ☆110Updated 7 months ago
• chainguard-dev / osqtool
  Automated testing, generation & manipulation of #osquery packs
  ☆72Updated 6 months ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆46Updated 6 months ago
• infosecB / Rulehound
  An index of publicly available and open-source threat detection rulesets.
  ☆54Updated 3 weeks ago
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆162Updated 2 months ago
• OWASP / OpenCRE
  ☆104Updated 2 weeks ago
• tenable / KaiMonkey
  KaiMonkey provides vulnerable infrastructure as code (IaC) to help explore and understand common cloud security threats exposed via IaC.
  ☆100Updated last year
• Algbra-Labs-OSS / Chronicle
  ☆65Updated 11 months ago
• elastic / SWAT
  Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…
  ☆165Updated 7 months ago