Alternatives and similar repositories for panther-analysis

Users that are interested in panther-analysis are comparing it to the libraries listed below

• panther-labs / panther_analysis_tool

  View on GitHub
  Command line tool for working with Panther rules and policies
  ☆48Feb 9, 2026Updated last week
• chronicle / detection-rules

  View on GitHub
  Collection of example YARA-L rules for use within Google Security Operations
  ☆471Dec 5, 2025Updated 2 months ago
• panther-labs / tutorials

  View on GitHub
  Cloud security tutorials and best practices
  ☆38Mar 20, 2023Updated 2 years ago
• elastic / detection-rules

  View on GitHub
  ☆2,502Updated this week
• infosecB / awesome-detection-engineering

  View on GitHub
  Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…
  ☆1,126Dec 19, 2025Updated last month
• matanolabs / matano

  View on GitHub
  Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
  ☆1,655Jan 8, 2025Updated last year
• splunk / security_content

  View on GitHub
  Splunk Security Content
  ☆1,572Updated this week
• DataDog / threatest

  View on GitHub
  Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
  ☆338Updated this week
• easttimor / aws-incident-response

  View on GitHub
  ☆374Feb 23, 2024Updated last year
• jshlbrd / detection-engineering-pocket-guide

  View on GitHub
  pocket guide for core detection engineering concepts
  ☆31May 8, 2023Updated 2 years ago
• infosecB / detection-as-code

  View on GitHub
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆60Mar 12, 2022Updated 3 years ago
• DataDog / stratus-red-team

  View on GitHub
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,252Feb 6, 2026Updated last week
• 0x4D31 / detection-and-response-pipeline

  View on GitHub
  ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …
  ☆289Feb 5, 2024Updated 2 years ago
• palantir / alerting-detection-strategy-framework

  View on GitHub
  A framework for developing alerting and detection strategies for incident response.
  ☆838Sep 8, 2025Updated 5 months ago
• ReversecLabs / leonidas

  View on GitHub
  Automated Attack Simulation in the Cloud, complete with detection use cases.
  ☆603Nov 28, 2024Updated last year
• SigmaHQ / sigma

  View on GitHub
  Main Sigma Rule Repository
  ☆10,109Updated this week
• atc-project / atc-react

  View on GitHub
  A knowledge base of actionable Incident Response techniques
  ☆662May 31, 2022Updated 3 years ago
• elastic / dorothy

  View on GitHub
  ☆190Feb 8, 2026Updated last week
• teoseller / osquery-attck

  View on GitHub
  Mapping the MITRE ATT&CK Matrix with Osquery
  ☆804May 11, 2023Updated 2 years ago
• FalconForceTeam / FalconFriday

  View on GitHub
  Hunting queries and detections
  ☆881Oct 30, 2025Updated 3 months ago
• adanalvarez / TrailDiscover

  View on GitHub
  An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
  ☆172Feb 8, 2026Updated last week
• rabobank-cdc / DeTTECT

  View on GitHub
  Detect Tactics, Techniques & Combat Threats
  ☆2,263Jan 21, 2026Updated 3 weeks ago
• Cyb3r-Monk / Threat-Hunting-and-Detection

  View on GitHub
  Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
  ☆800Jan 14, 2026Updated last month
• sublime-security / sublime-rules

  View on GitHub
  Sublime rules for email attack detection, prevention, and threat hunting.
  ☆345Updated this week
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• OTRF / OSSEM

  View on GitHub
  Open Source Security Events Metadata (OSSEM)
  ☆1,286Feb 27, 2023Updated 2 years ago
• chainguard-dev / osquery-defense-kit

  View on GitHub
  Production-ready detection & response queries for osquery
  ☆600Aug 13, 2025Updated 6 months ago
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆163Nov 25, 2025Updated 2 months ago
• splunk / attack_data

  View on GitHub
  A repository of curated datasets from various attacks
  ☆727Feb 6, 2026Updated last week
• ocsf / ocsf-schema

  View on GitHub
  OCSF Schema
  ☆775Updated this week
• OTRF / ThreatHunter-Playbook

  View on GitHub
  A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
  ☆4,475Jan 12, 2026Updated last month
• siriussecurity / dettectinator

  View on GitHub
  Dettectinator - The Python library to your DeTT&CT YAML files.
  ☆119Jan 22, 2026Updated 3 weeks ago
• Cyb3r-Monk / RITA-J

  View on GitHub
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆207Jul 21, 2022Updated 3 years ago
• atc-project / atomic-threat-coverage

  View on GitHub
  Actionable analytics designed to combat threats
  ☆1,006May 25, 2022Updated 3 years ago
• Kirtar22 / ThreatHunting_with_Osquery

  View on GitHub
  Threat Hunting & Incident Investigation with Osquery
  ☆216Mar 30, 2022Updated 3 years ago
• caizencloud / caizen

  View on GitHub
  Harness the security superpowers of your cloud asset inventory
  ☆11Sep 22, 2024Updated last year
• center-for-threat-informed-defense / security-stack-mappings

  View on GitHub
  🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…
  ☆389Apr 3, 2024Updated last year
• grapl-security / grapl

  View on GitHub
  Graph platform for Detection and Response
  ☆699Dec 26, 2022Updated 3 years ago
• anvilogic-forge / armory

  View on GitHub
  Anvilogic Forge
  ☆114Sep 18, 2025Updated 4 months ago