Alternatives and similar repositories for panther-auxiliary

Users that are interested in panther-auxiliary are comparing it to the libraries listed below

• panther-labs / panther_analysis_tool
  Command line tool for working with Panther rules and policies
  ☆39Updated last week
• panther-labs / tutorials
  Cloud security tutorials and best practices
  ☆38Updated 2 years ago
• tuckner / automation-capability-matrix
  A tool that allows you to document and assess any security automation in your SOC
  ☆46Updated 6 months ago
• haidermdost / Threat-Detection-Maturity-Framework
  ☆18Updated 3 years ago
• threat-punter / detection-as-code-example
  A POC to implement Detection-as-Code with Terraform and Sumo Logic.
  ☆27Updated last year
• invictus-ir / ALFA
  ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l…
  ☆162Updated 2 months ago
• splunk / attack_range_cloud
  Attack Range to test detection against nativel serverless cloud services and environments
  ☆35Updated 3 years ago
• center-for-threat-informed-defense / cloud-analytics
  Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we…
  ☆53Updated 2 years ago
• ReconInfoSec / rhq
  Recon Hunt Queries
  ☆77Updated 3 years ago
• jshlbrd / detection-engineering-pocket-guide
  pocket guide for core detection engineering concepts
  ☆28Updated 2 years ago
• MISP / misp-cloud
  misp-cloud - Cloud-ready images of MISP
  ☆72Updated 2 years ago
• 0xtf / HAMISPA
  Notes for High Availability MISP in AWS
  ☆19Updated 5 years ago
• runreveal / sigmalite
  ☆43Updated last month
• splunk / attack-detections-collector
  Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique
  ☆67Updated last year
• center-for-threat-informed-defense / attack-sync
  ATT&CK Sync is a Center for Threat-Informed Defense project that aims to improve the ability for organizations to consume MITRE ATT&CK® v…
  ☆20Updated 2 weeks ago
• Silv3rHorn / BulkStrike
  BulkStrike enables the usage of CrowdStrike Real Time Response (RTR) to bulk execute commands on multiple machines.
  ☆42Updated 2 years ago
• msraju / Incident-Response-Playbooks
  ☆43Updated 2 years ago
• cudeso / misp-tip-of-the-week
  A collection of tips for using MISP.
  ☆74Updated 5 months ago
• pfpt-andrew / Rapid-Response-Reporting
  RRR (Rapid Response Reporting) is a collection of Incident Response Report objects. They are designed to help incident responders provid…
  ☆37Updated 3 years ago
• Algbra-Labs-OSS / Chronicle
  ☆65Updated 11 months ago
• shellcromancer / audit-log-wall-of-shame
  Audit log wall of shame.
  ☆41Updated 6 months ago
• k-bailey / detection-engineering-maturity-matrix
  ☆94Updated 2 years ago
• cyentific-rni / stix2.1-coa-playbook-extension
  A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…
  ☆23Updated last year
• lacework-dev / whalehoney_PUBLIC
  Public release of Whalehoney Honeypot
  ☆29Updated 3 years ago
• captainGeech42 / synapse-sinkdb
  Synapse Rapid Power-up for SinkDB
  ☆11Updated 2 years ago
• Shuffle / workflows
  Workflows for Shuffle
  ☆22Updated 2 years ago
• Cisco-Talos / osquery_queries
  Cisco Orbital - Osquery queries by Talos
  ☆132Updated 8 months ago
• center-for-threat-informed-defense / attack-workbench-rest-api
  An application allowing users to explore, create, annotate, and share extensions of the MITRE ATT&CK® knowledge base. This repository con…
  ☆46Updated last week
• pulsedive / certrss
  ☆118Updated last year
• cado-security / AWS_EKS_Cluster_Forensics
  AWS EKS Cluster Forensics
  ☆23Updated 3 years ago