splunk / security_content
Splunk Security Content
☆1,416Updated this week
Alternatives and similar repositories for security_content
Users that are interested in security_content are comparing it to the libraries listed below
Sorting:
- A repository of curated datasets from various attacks☆646Updated last week
- A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data int…☆2,282Updated this week
- A Splunk app mapped to MITRE ATT&CK to guide your threat hunts☆1,156Updated last year
- Open Source Security Events Metadata (OSSEM)☆1,266Updated 2 years ago
- Detect Tactics, Techniques & Combat Threats☆2,155Updated last week
- Actionable analytics designed to combat threats☆982Updated 2 years ago
- Scripts and a (future) library to improve users' interactions with the ATT&CK content☆585Updated last year
- Cyber Analytics Repository☆935Updated last year
- Hunting queries and detections☆796Updated 3 months ago
- Re-play Security Events☆1,641Updated last year
- A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.☆865Updated 8 months ago
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK☆1,067Updated 5 months ago
- Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders☆903Updated last year
- A knowledge base of actionable Incident Response techniques☆636Updated 2 years ago
- Windows Events Attack Samples☆2,356Updated 2 years ago
- Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by devel…☆607Updated this week
- Phantom Community Playbooks☆500Updated 3 months ago
- A framework for developing alerting and detection strategies for incident response.☆737Updated 3 years ago
- A python module for working with ATT&CK☆544Updated last week
- 🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept…☆492Updated last year
- VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities a…☆1,467Updated 2 weeks ago
- Invoke-AtomicRedTeam is a PowerShell module to execute tests as defined in the [atomics folder](https://github.com/redcanaryco/atomic-red…☆906Updated 2 weeks ago
- This content is analysis and research of the data sources currently listed in ATT&CK.☆409Updated last year
- Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation o…☆970Updated 3 weeks ago
- Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).☆727Updated 2 months ago
- A collection of resources for Threat Hunters☆881Updated 7 months ago
- Splunk Boss of the SOC version 3 dataset.☆337Updated 4 years ago
- MITRE ATT&CK Website☆527Updated last week
- An informational repo about hunting for adversaries in your IT environment.☆1,775Updated 3 years ago
- A set of Zeek scripts to detect ATT&CK techniques.☆589Updated 10 months ago