panther-labs / panther_analysis_tool
Command line tool for working with Panther rules and policies
☆36Updated 2 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for panther_analysis_tool
- Cloud security tutorials and best practices☆38Updated last year
- ☆37Updated 2 months ago
- ☆66Updated 5 months ago
- Built-in Panther detection rules and policies☆339Updated this week
- A MITRE ATT&CK Navigator export for AWS GuardDuty Findings☆136Updated 3 years ago
- Attack Range to test detection against nativel serverless cloud services and environments☆35Updated 3 years ago
- Slack bot which promotes Defense in Depth/Zero Trust security practices☆24Updated last year
- ☆17Updated 3 years ago
- pocket guide for core detection engineering concepts☆27Updated last year
- Audit log wall of shame.☆41Updated 3 weeks ago
- Knowledge Report Alert & Normalization Generator☆27Updated 7 months ago
- This script is used to generate some basic detections of the aws security services☆71Updated 2 years ago
- SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, man…☆76Updated 3 years ago
- GCP CSPM using Google Sheets☆34Updated 4 months ago
- Compares and analyzes GCP IAM roles.☆76Updated 5 months ago
- A POC to implement Detection-as-Code with Terraform and Sumo Logic.☆25Updated last year
- Convert cloudtrail data to MITRE ATT&CK Sightings☆79Updated 2 years ago
- Tools for AWS forensics☆64Updated 8 years ago
- Manage GuardDuty At Enterprise Scale☆22Updated 4 years ago
- 'Continuous' AWS perimeter monitoring: Periodically scan internet facing AWS resources to detect misconfigured services.☆62Updated 5 years ago
- 🖇️ STRIDE vs. ASVS equivalence table☆75Updated 2 months ago
- Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Security Management.☆29Updated 3 weeks ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆61Updated this week
- Updated incident response generator for training classes☆41Updated 3 years ago
- PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…☆65Updated last year
- An implementation of infrastructure-as-code scanning using dynamic tooling.☆56Updated 2 years ago
- IAMFinder enumerates and finds users and IAM roles in a target AWS account.☆109Updated 3 years ago
- IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)☆96Updated 2 years ago
- Dorothy is a tool to test security monitoring and detection for Okta environments☆175Updated 3 months ago