Alternatives and similar repositories for security-analytics

Users that are interested in security-analytics are comparing it to the libraries listed below

• ExabeamLabs / Content-Library-CIM2
  ☆23Updated 2 weeks ago
• ocsf / examples
  This repo contains example of raw event examples and possible translations to the OCSF schema.
  ☆38Updated last month
• prowler-cloud / py-ocsf-models
  OCSF (https://schema.ocsf.io/) models in Python using Pydantic.
  ☆22Updated this week
• SumoLogic / cloud-siem-content-catalog
  ☆24Updated this week
• UncoderIO / Uncoder_IO
  An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
  ☆154Updated 3 months ago
• zeek / zeek-agent-v2
  Open source endpoint agent providing host information to Zeek. [v2]
  ☆82Updated this week
• SigmaHQ / sigma-cli
  The Sigma command line interface based on pySigma
  ☆155Updated last month
• elastic / security-action-examples
  This repository contains a few examples of actions that can be added to rules within Elastic Security.
  ☆22Updated 4 months ago
• splunk / contentctl
  Splunk Content Control Tool
  ☆113Updated last week
• runreveal / sigmalite
  ☆45Updated 2 months ago
• corelight / ecs-mapping
  Mapping Corelight or Zeek data to Elastic Common Schema fields
  ☆34Updated last month
• elastic / ecs-mapper
  Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash
  ☆54Updated 3 years ago
• Ascend-Technologies / OpenCTI-HELM-CHART
  ☆15Updated last year
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆131Updated 9 months ago
• NUKIB / misp
  Docker image for MISP
  ☆127Updated this week
• z1pti3 / jimi
  Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch …
  ☆164Updated 11 months ago
• grafana / pySigma-backend-loki
  pySigma backend for generating Grafana Loki/LogQL rules
  ☆45Updated this week
• 3CORESec / SIEGMA
  SIEGMA - Transform Sigma rules into SIEM consumables
  ☆151Updated 2 months ago
• juaromu / wazuh
  ☆19Updated 3 years ago
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆162Updated 3 months ago
• ocsf / ocsf-docs
  OCSF Documentation
  ☆129Updated 3 weeks ago
• UncoderIO / Roota
  Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with …
  ☆128Updated 10 months ago
• aws-solutions-library-samples / automated-forensic-orchestrator-for-amazon-ec2
  Automated Forensics Orchestrator for Amazon EC2 is a self-service AWS Solution implementation that enterprise customers can deploy to qui…
  ☆63Updated 3 weeks ago
• Security-Onion-Solutions / securityonion-image
  ☆48Updated this week
• google / osdfir-infrastructure
  Helm charts for running open source digital forensic tools in Kubernetes
  ☆97Updated this week
• chronicle / api-samples-python
  Python samples and utilities for Chronicle APIs
  ☆83Updated this week
• anvilogic-forge / armory
  Anvilogic Forge
  ☆103Updated this week
• oasis-open / cti-stix-validator
  OASIS TC Open Repository: Validator for STIX 2.0 JSON normative requirements and best practices
  ☆52Updated 2 months ago
• splunk / salo
  Synthetic Adversarial Log Objects: A Framework for synthentic log generation
  ☆82Updated last year
• Cargill / OpenSIEM-Logstash-Parsing
  SIEM Logstash parsing for more than hundred technologies
  ☆184Updated last month