opensearch-project / security-analytics
Security Analytics enables users to detect security threats in their security event log data. It also allows them to modify or tailor the pre-packaged solution.
☆72 · Updated this week
Related projects
Alternatives and complementary repositories for security-analytics
- Mapping Corelight or Zeek data to Elastic Common Schema fields · ☆34 · Updated 2 weeks ago
- Anvilogic Forge · ☆86 · Updated last week
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue… · ☆43 · Updated last month
- Cisco Orbital - Osquery queries by Talos · ☆123 · Updated 2 months ago
- A cheatsheet containing AWS CloudTrail events that can be used for Incident Response purposes or Detection Engineering. · ☆62 · Updated 6 months ago
- OCSF Schema WEB Server · ☆42 · Updated this week
- An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con… · ☆42 · Updated 2 weeks ago
- This repo contains examples of raw events and possible translations to the OCSF schema. · ☆33 · Updated 2 weeks ago
- (no description) · ☆12 · Updated 6 months ago
- Automated Forensics Orchestrator for Amazon EC2 is a self-service AWS Solution implementation that enterprise customers can deploy to qui… · ☆58 · Updated 2 months ago
- Save toil in security operations with Detection & Intelligence Analysis for New Alerts (D.I.A.N.A.) · ☆157 · Updated 2 months ago
- (no description) · ☆31 · Updated this week
- The Sigma command line interface based on pySigma · ☆136 · Updated 3 months ago
- SIEGMA - Transform Sigma rules into SIEM consumables · ☆141 · Updated last year
- Docker image for MISP · ☆115 · Updated this week
- OCA-wide documentation shared by all sub-projects and repositories · ☆33 · Updated 3 weeks ago
- Cloud security tutorials and best practices · ☆38 · Updated last year
- Sample programs to access the API · ☆61 · Updated 2 weeks ago
- Translate an ECS mapping CSV to starter pipelines for Beats, Elasticsearch or Logstash · ☆54 · Updated 2 years ago
- (no description) · ☆31 · Updated 4 months ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … · ☆116 · Updated 4 months ago
- SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, man… · ☆76 · Updated 3 years ago
- This repository contains a few examples of actions that can be added to rules within Elastic Security. · ☆22 · Updated 2 years ago
- OCSF (https://schema.ocsf.io/) models in Python using Pydantic. · ☆15 · Updated this week
- Parse Wazuh (HIDS) alerts into ECS mapping using Filebeat · ☆27 · Updated 4 years ago
- Swagger/OpenAPI specifications for security products and services · ☆73 · Updated last month
- (no description) · ☆16 · Updated 3 weeks ago
- Controls Assessment Specification · ☆65 · Updated 5 months ago
- Dorothy is a tool to test security monitoring and detection for Okta environments · ☆175 · Updated 3 months ago
- (no description) · ☆48 · Updated this week