opensearch-project / security-analyticsLinks
Security Analytics enables users for detecting security threats on their security event log data. It will also allow them to modify/tailor the pre-packaged solution.
☆93Updated 3 weeks ago
Alternatives and similar repositories for security-analytics
Users that are interested in security-analytics are comparing it to the libraries listed below
Sorting:
- ☆29Updated last week
- Open source endpoint agent providing host information to Zeek. [v2]☆90Updated last month
- The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…☆170Updated this week
- A standard for reducing log volume without sacrificing analytical capability☆213Updated 11 months ago
- This repo contains example of raw event examples and possible translations to the OCSF schema.☆52Updated 5 months ago
- SIEM Logstash parsing for more than hundred technologies☆192Updated 2 weeks ago
- OCSF (https://schema.ocsf.io/) models in Python using Pydantic.☆32Updated last week
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…☆86Updated 3 weeks ago
- Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch …☆168Updated last year
- Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:☆121Updated this week
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …☆132Updated last year
- ☆51Updated last month
- Helm charts for running open source digital forensic tools in Kubernetes☆179Updated this week
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆100Updated last month
- Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )☆223Updated last year
- OpenCTI Python Client☆143Updated 2 months ago
- ATT&CK Data Model (ADM): A TypeScript library for structured interaction with MITRE ATT&CK datasets. Uses Zod schemas, TypeScript types, …☆59Updated this week
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…☆53Updated this week
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders…☆147Updated 6 months ago
- The Sigma command line interface based on pySigma☆171Updated last week
- Public static website for the D3FEND project. For the D3FEND ontology repo see: https://github.com/d3fend/d3fend-ontology☆90Updated last month
- OCSF Documentation☆151Updated 3 months ago
- Security Control Knowledge Graph☆31Updated last year
- OSSEM Common Data Model☆56Updated 3 years ago
- Built-in Panther detection rules and policies☆433Updated this week
- OCA-wide documentation shared by all sub-projects and repositories☆33Updated last year
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash☆54Updated 3 years ago
- Anvilogic Forge☆114Updated 4 months ago
- ☆75Updated 10 months ago
- This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…☆89Updated 4 years ago