panther-labs / panther_analysis_tool
Command line tool for working with Panther rules and policies
☆39 Updated this week
Alternatives and similar repositories for panther_analysis_tool:
Users that are interested in panther_analysis_tool are comparing it to the libraries listed below
- Cloud security tutorials and best practices ☆38 Updated 2 years ago
- ☆65 Updated 10 months ago
- Built-in Panther detection rules and policies ☆369 Updated this week
- ☆18 Updated 3 years ago
- ☆41 Updated 2 weeks ago
- Knowledge Report Alert & Normalization Generator ☆27 Updated last year
- A POC to implement Detection-as-Code with Terraform and Sumo Logic. ☆27 Updated last year
- Attack Range to test detection against native serverless cloud services and environments ☆35 Updated 3 years ago
- Audit log wall of shame. ☆41 Updated 5 months ago
- Public release of Whalehoney Honeypot ☆29 Updated 3 years ago
- pocket guide for core detection engineering concepts ☆28 Updated last year
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings ☆137 Updated 3 years ago
- Convert cloudtrail data to MITRE ATT&CK Sightings ☆79 Updated 2 years ago
- Slack bot which promotes Defense in Depth/Zero Trust security practices ☆24 Updated 2 years ago
- Cloud Analytics helps defenders detect attacks to their cloud infrastructure by developing behavioral analytics for cloud platforms as we… ☆53 Updated last year
- This repository contains the research and components of our research into using Sigma for AWS Incident Response. ☆27 Updated last year
- AWS EKS Cluster Forensics ☆23 Updated 3 years ago
- defendA Data Lake. A firehose pipeline to athena providing enrichment and normalization for security events ☆16 Updated last year
- OSSEM Common Data Model ☆55 Updated 2 years ago
- Infrastructure as code for deploying Panther ☆10 Updated this week
- Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets ☆31 Updated 10 months ago
- Anvilogic Forge ☆95 Updated 2 weeks ago
- ☆44 Updated 9 months ago
- A CALDERA plugin ☆75 Updated 2 weeks ago
- Security Alert Decoration ☆27 Updated this week
- Dorothy is a tool to test security monitoring and detection for Okta environments ☆179 Updated 7 months ago
- Serverless honeytoken 🕵🏻♂️ ☆79 Updated 2 years ago
- ☆20 Updated 7 years ago
- A Python-native Detection as Code Framework ☆10 Updated last week
- IAMFinder enumerates and finds users and IAM roles in a target AWS account. ☆111 Updated 4 years ago