pierrebarlet / qradar2thehive
Scripts for TheHive.
☆22Updated 5 years ago
Alternatives and similar repositories for qradar2thehive:
Users that are interested in qradar2thehive are comparing it to the libraries listed below
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Miscelaneous Dockers☆46Updated 3 years ago
- A Splunk app to use MISP in background☆109Updated 2 months ago
- Repository of scripts/tools that may be useful in Security Operations Centres (SOC)☆54Updated 4 years ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆33Updated last year
- Sigma Detection Rule Repository☆84Updated 4 years ago
- Collection of useful, up to date, Carbon Black Response Queries☆83Updated 4 years ago
- A Splunk app with saved reports derived from Sigma rules☆73Updated 6 years ago
- Volatility plugins developed and maintained by the community☆21Updated 4 months ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆93Updated 2 years ago
- Expert Investigation Guides☆51Updated 3 years ago
- Imports Alienvault OTX pulses to a MISP instance☆52Updated 3 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆107Updated 4 years ago
- Office365 Log Analysis Framework☆81Updated 5 years ago
- References for FIRST CTI 2019 Symposium presentation☆23Updated 5 years ago
- A website and framework for testing NIDS detection☆56Updated 3 years ago
- Tool to extract indicators of compromise from security reports in PDF format☆72Updated 7 months ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 7 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 2 years ago
- automate your MISP installs☆66Updated 4 years ago
- ☆39Updated 5 years ago
- Deploy and maintain Symon through the Splunk Deployment Sever☆31Updated 4 years ago
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆37Updated 2 years ago
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated last year
- Powershell Functions to interact with TheHive-Project☆10Updated 5 years ago