quadrantsec / sagan-rules
☆29Updated this week
Alternatives and similar repositories for sagan-rules:
Users that are interested in sagan-rules are comparing it to the libraries listed below
- Threat Detection & Anomaly Detection rules for popular open-source components☆51Updated 2 years ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise☆61Updated 11 months ago
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 2 years ago
- Technical add-on for Splunk related to TheHive/Cortex from TheHive project☆53Updated 3 weeks ago
- ☆68Updated last month
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique☆67Updated last year
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆37Updated 3 weeks ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago
- Library of threat hunts to get any user started!☆44Updated 4 years ago
- Open source endpoint agent providing host information to Zeek. [v2]☆80Updated 5 months ago
- OSSEM Data Dictionaries☆59Updated 2 months ago
- Convert Sigma rules to LogRhythm searches☆21Updated 3 years ago
- The Security Analyst’s Guide to Suricata☆55Updated 10 months ago
- Sigma Detection Rule Repository☆87Updated 4 years ago
- ☆34Updated 4 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…☆77Updated 5 months ago
- Repository for SPEED SIEM Use Case Framework☆53Updated 4 years ago
- Cerebrate is an open-source platform meant to act as a trusted contact information provider and interconnection orchestrator for other se…☆87Updated last week
- ☆34Updated 5 months ago
- A community event for security researchers to share their favorite notebooks☆107Updated last year
- Detection Ideas & Rules repository.☆179Updated 3 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆108Updated 5 years ago
- Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.☆38Updated last year
- ☆48Updated last week
- Anything Sysmon related from the MSTIC R&D team☆152Updated 10 months ago
- ☆19Updated 3 years ago
- Automated detection rule analysis utility☆29Updated 2 years ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆70Updated last week
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆49Updated 3 weeks ago