Alternatives and similar repositories for security-analytics

Users that are interested in security-analytics are comparing it to the libraries listed below

• FoxIO-LLC / LogSlash
  A standard for reducing log volume without sacrificing analytical capability
  ☆209Updated 6 months ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆85Updated last week
• mitre / saf
  The MITRE Security Automation Framework (SAF) Command Line Interface (CLI) brings together applications, techniques, libraries, and tools…
  ☆162Updated this week
• z1pti3 / jimi
  Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch …
  ☆167Updated last year
• Shuffle / python-apps
  Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below:
  ☆116Updated 2 weeks ago
• google / osdfir-infrastructure
  Helm charts for running open source digital forensic tools in Kubernetes
  ☆117Updated 2 weeks ago
• SumoLogic / cloud-siem-content-catalog
  ☆26Updated last week
• runreveal / sigmalite
  ☆47Updated last week
• center-for-threat-informed-defense / mappings-explorer
  Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…
  ☆76Updated this week
• chronicle / ingestion-scripts
  ☆35Updated 3 months ago
• COSSAS / SOARCA
  SOARCA - The Open Source CACAO-based Security Orchestrator!
  ☆80Updated 2 weeks ago
• UncoderIO / Uncoder_IO
  An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
  ☆158Updated 7 months ago
• panther-labs / panther-analysis
  Built-in Panther detection rules and policies
  ☆420Updated this week
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆159Updated 3 weeks ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆134Updated last year
• sttor / awesome-osquery
  Osquery Resources
  ☆62Updated 6 years ago
• Shuffle / openapi-apps
  Swagger/ OpenAPI specifications for security products and services
  ☆78Updated 3 weeks ago
• ocsf / examples
  This repo contains example of raw event examples and possible translations to the OCSF schema.
  ☆44Updated last month
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆128Updated last year
• dwillowtree / diana
  Save toil in security operations with: Detection & Intelligence Analysis for New Alerts (D.I.A.N.A. )
  ☆190Updated last year
• Cargill / OpenSIEM-Logstash-Parsing
  SIEM Logstash parsing for more than hundred technologies
  ☆187Updated last week
• zercurity / zercurity
  Manage, monitor and improve your cyber security posture.
  ☆93Updated 2 years ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated last week
• infosecB / detection-as-code
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆58Updated 3 years ago
• traut / stixview
  STIX2 graph visualisation library in JS
  ☆91Updated 2 months ago
• NUKIB / misp
  Docker image for MISP
  ☆134Updated last month
• elastic / dorothy
  ☆187Updated this week
• cisagov / shareable-soar-workflows
  This is a repository of vendor-agnostic workflows provided for those interested in deploying Security Orchestration, Automation, and Resp…
  ☆88Updated 4 years ago
• opencybersecurityalliance / documentation
  OCA-wide documentation shared by all sub-projects and repositories
  ☆33Updated 10 months ago
• The-Shadowserver-Foundation / api_utils
  Sample programs to access the API
  ☆91Updated 4 months ago