panther-labs/panther-analysis

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/panther-labs/panther-analysis)

panther-labs / panther-analysis

Built-in Panther detection rules and policies

☆439

Alternatives and similar repositories for panther-analysis

Users that are interested in panther-analysis are comparing it to the libraries listed below

Sorting:

panther-labs / panther_analysis_tool
View on GitHub
Command line tool for working with Panther rules and policies
☆48Updated this week
chronicle / detection-rules
View on GitHub
Collection of example YARA-L rules for use within Google Security Operations
☆473Dec 5, 2025Updated 3 months ago
panther-labs / tutorials
View on GitHub
Cloud security tutorials and best practices
☆38Mar 20, 2023Updated 2 years ago
elastic / detection-rules
View on GitHub
☆2,513Updated this week
panther-labs / pounce
View on GitHub
[DEPRECATED] 🐯 Composable react primitives for building UI dashboards
☆21Jan 17, 2023Updated 3 years ago
infosecB / awesome-detection-engineering
View on GitHub
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…
☆1,148Dec 19, 2025Updated 2 months ago
matanolabs / matano
View on GitHub
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
☆1,658Jan 8, 2025Updated last year
splunk / security_content
View on GitHub
Splunk Security Content
☆1,581Updated this week
DataDog / threatest
View on GitHub
Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
☆339Updated this week
easttimor / aws-incident-response
View on GitHub
☆375Feb 23, 2024Updated 2 years ago
jshlbrd / detection-engineering-pocket-guide
View on GitHub
pocket guide for core detection engineering concepts
☆31May 8, 2023Updated 2 years ago
infosecB / detection-as-code
View on GitHub
An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
☆60Mar 12, 2022Updated 3 years ago
DataDog / stratus-red-team
View on GitHub
Granular, Actionable Adversary Emulation for the Cloud
☆2,272Updated this week
0x4D31 / detection-and-response-pipeline
View on GitHub
✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …
☆289Feb 5, 2024Updated 2 years ago
palantir / alerting-detection-strategy-framework
View on GitHub
A framework for developing alerting and detection strategies for incident response.
☆845Sep 8, 2025Updated 6 months ago
ReversecLabs / leonidas
View on GitHub
Automated Attack Simulation in the Cloud, complete with detection use cases.
☆605Nov 28, 2024Updated last year
SigmaHQ / sigma
View on GitHub
Main Sigma Rule Repository
☆10,156Mar 2, 2026Updated last week
atc-project / atc-react
View on GitHub
A knowledge base of actionable Incident Response techniques
☆662May 31, 2022Updated 3 years ago
elastic / dorothy
View on GitHub
☆190Updated this week
teoseller / osquery-attck
View on GitHub
Mapping the MITRE ATT&CK Matrix with Osquery
☆806May 11, 2023Updated 2 years ago
FalconForceTeam / FalconFriday
View on GitHub
Hunting queries and detections
☆884Oct 30, 2025Updated 4 months ago
adanalvarez / TrailDiscover
View on GitHub
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…
☆174Feb 22, 2026Updated 2 weeks ago
rabobank-cdc / DeTTECT
View on GitHub
Detect Tactics, Techniques & Combat Threats
☆2,268Jan 21, 2026Updated last month
Cyb3r-Monk / Threat-Hunting-and-Detection
View on GitHub
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
☆803Jan 14, 2026Updated last month
sublime-security / sublime-rules
View on GitHub
Sublime rules for email attack detection, prevention, and threat hunting.
☆348Updated this week
zmallen / cloudtrail2sightings
View on GitHub
Convert cloudtrail data to MITRE ATT&CK Sightings
☆82Jul 25, 2022Updated 3 years ago
OTRF / OSSEM
View on GitHub
Open Source Security Events Metadata (OSSEM)
☆1,288Feb 27, 2023Updated 3 years ago
chainguard-dev / osquery-defense-kit
View on GitHub
Production-ready detection & response queries for osquery
☆601Aug 13, 2025Updated 6 months ago
anvilogic-forge / armory
View on GitHub
Anvilogic Forge
☆116Sep 18, 2025Updated 5 months ago
mbabinski / Sigma-Rules
View on GitHub
A repository of my own Sigma detection rules.
☆163Nov 25, 2025Updated 3 months ago
ocsf / ocsf-schema
View on GitHub
OCSF Schema
☆790Feb 27, 2026Updated last week
splunk / attack_data
View on GitHub
A repository of curated datasets from various attacks
☆729Mar 2, 2026Updated last week
OTRF / ThreatHunter-Playbook
View on GitHub
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more e…
☆4,492Jan 12, 2026Updated last month
siriussecurity / dettectinator
View on GitHub
Dettectinator - The Python library to your DeTT&CT YAML files.
☆118Jan 22, 2026Updated last month
Cyb3r-Monk / RITA-J
View on GitHub
Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
☆208Jul 21, 2022Updated 3 years ago
atc-project / atomic-threat-coverage
View on GitHub
Actionable analytics designed to combat threats
☆1,005May 25, 2022Updated 3 years ago
Kirtar22 / ThreatHunting_with_Osquery
View on GitHub
Threat Hunting & Incident Investigation with Osquery
☆216Mar 30, 2022Updated 3 years ago
caizencloud / caizen
View on GitHub
Harness the security superpowers of your cloud asset inventory
☆11Sep 22, 2024Updated last year
center-for-threat-informed-defense / security-stack-mappings
View on GitHub
🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is k…
☆386Apr 3, 2024Updated last year