opensearch-project / security-analyticsLinks
Security Analytics enables users for detecting security threats on their security event log data. It will also allow them to modify/tailor the pre-packaged solution.
☆87Updated last week
Alternatives and similar repositories for security-analytics
Users that are interested in security-analytics are comparing it to the libraries listed below
Sorting:
- Open source endpoint agent providing host information to Zeek. [v2]☆85Updated last week
- A standard for reducing log volume without sacrificing analytical capability☆209Updated 6 months ago
- The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…☆162Updated this week
- SIEM Logstash parsing for more than hundred technologies☆187Updated 2 weeks ago
- ☆26Updated last week
- Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:☆116Updated last week
- Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch …☆167Updated last year
- Cisco Orbital - Osquery queries by Talos☆134Updated last year
- Osquery Resources☆62Updated 6 years ago
- Helm charts for running open source digital forensic tools in Kubernetes☆114Updated 2 weeks ago
- This repo contains example of raw event examples and possible translations to the OCSF schema.☆44Updated 3 weeks ago
- The Sigma command line interface based on pySigma☆158Updated 2 weeks ago
- OCSF (https://schema.ocsf.io/) models in Python using Pydantic.☆23Updated 3 weeks ago
- ☆47Updated 5 months ago
- Built-in Panther detection rules and policies☆412Updated this week
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 3 years ago
- OCSF Documentation☆137Updated 2 months ago
- Manage, monitor and improve your cyber security posture.☆93Updated 2 years ago
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆187Updated 11 months ago
- SIEGMA - Transform Sigma rules into SIEM consumables☆154Updated 5 months ago
- Add a layer of active defense to your cloud applications.☆95Updated 3 weeks ago
- ☆25Updated this week
- Elastic Agent - single, unified way to add monitoring for logs, metrics, and other types of data to a host.☆194Updated this week
- ☆50Updated last week
- OSSEM Common Data Model☆56Updated 2 years ago
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…☆164Updated 5 months ago
- OpenCTI Docker deployment helpers☆200Updated last week
- Wazuh - Splunk App☆56Updated 11 months ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆128Updated last year
- Mapping Corelight or Zeek data to Elastic Common Schema fields☆34Updated 2 months ago