pierrebarlet / qradar2thehive
Scripts for TheHive.
☆22Updated 5 years ago
Alternatives and similar repositories for qradar2thehive:
Users that are interested in qradar2thehive are comparing it to the libraries listed below
- Expert Investigation Guides☆51Updated 4 years ago
- Miscelaneous Dockers☆46Updated 3 years ago
- A Splunk app to use MISP in background☆110Updated last week
- Collection of useful, up to date, Carbon Black Response Queries☆83Updated 4 years ago
- automate your MISP installs☆66Updated 4 years ago
- ☆39Updated 5 years ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆34Updated last year
- Sigma Detection Rule Repository☆87Updated 4 years ago
- Connect your mail client/infrastructure to MISP in order to create events based on the information contained within mails.☆69Updated last year
- A Splunk app with saved reports derived from Sigma rules☆73Updated 6 years ago
- Volatility plugins developed and maintained by the community☆21Updated 6 months ago
- Analyze binaries collected in VMware Carbon Black EDR against Yara rules.☆37Updated 2 years ago
- InvestigationPlaybookSpec☆72Updated 7 years ago
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- Recon Hunt Queries☆76Updated 3 years ago
- Slides and Other Resources from my latest Talks and Presentations☆24Updated 4 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- This package allows for creating alerts in The Hive from emails retrieved from a Microsoft Exchange mailbox.☆12Updated 7 years ago
- Carbon Black Feeds☆72Updated last year
- ☆77Updated 5 years ago
- The project was moved here https://github.com/atomic-threat-coverage/atomic-threat-coverage☆24Updated 5 years ago
- Office365 Log Analysis Framework☆82Updated 5 years ago
- ☆54Updated 3 years ago
- Sysmon Splunk App☆46Updated 6 years ago
- Synapse: a Meta Alert Feeder for TheHive, a Security Incident Response Platform☆71Updated last year
- SOC Workflow App helps Security Analysts and Threat Hunters explore suspicious events, look into raw events arriving at the Elastic Stack…☆94Updated 2 years ago
- ☆18Updated 3 years ago
- Deploy and maintain Symon through the Splunk Deployment Sever☆31Updated 4 years ago
- Imports Alienvault OTX pulses to a MISP instance☆52Updated 3 years ago
- Integrating Sysinternals Autoruns’ logs into Security Onion☆31Updated last year