splunk / security_content_docs
Contains research.splunk.com site code
☆11 · Updated last year
Alternatives and similar repositories for security_content_docs
Users that are interested in security_content_docs are comparing it to the libraries listed below
- OSSEM Detection Model ☆176 · Updated 2 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files. ☆114 · Updated 3 months ago
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise ☆64 · Updated last year
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research… ☆46 · Updated last month
- The Elastic Security Research team produces public-facing content, in the way of summary blogs, detailed releases, and artifacts; articul… ☆9 · Updated 3 years ago
- Notes on responding to security breaches relating to Azure AD ☆115 · Updated 3 years ago
- Repository of SentinelOne Deep Visibility queries. ☆127 · Updated 4 years ago
- A repository of my own Sigma detection rules. ☆159 · Updated 10 months ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense… ☆72 · Updated 4 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components ☆52 · Updated 2 years ago
- Convert Sigma rules to LogRhythm searches ☆21 · Updated 3 years ago
- An Excel-centric approach for the MITRE ATT&CK® Tactics and Techniques ☆186 · Updated 3 years ago
- ☆95 · Updated 2 years ago
- SentinelOne STAR Rules ☆62 · Updated 5 months ago
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. ☆112 · Updated 7 months ago
- Collects a listing of MITRE ATT&CK Techniques, then discovers Splunk ESCU detections for each technique ☆67 · Updated last year
- ☆72 · Updated 8 months ago
- MITRE ATT&CK mapped queries for SentinelOne Deep Visibility ☆91 · Updated 4 years ago
- ☆19 · Updated 3 years ago
- 🚨ATTENTION🚨 The VERIS mappings have migrated to the Center's Mappings Explorer project. See README below. This repository is kept here … ☆71 · Updated last year
- Resources To Learn And Understand SIGMA Rules ☆178 · Updated 2 years ago
- Splunk Content Control Tool ☆114 · Updated this week
- The idea is simply to save some quick notes that will make it easier for Splunk users to leverage KQL (Kusto), especially giving projects… ☆43 · Updated 4 years ago
- Repository of public reference frameworks for the DFIR community. ☆116 · Updated 2 years ago
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques ☆135 · Updated last year
- Advanced Hunting Queries for Microsoft Security Products ☆107 · Updated 2 years ago
- Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques t… ☆119 · Updated last month
- The Infosec Community Definitive Guide to Jupyter Notebooks ☆122 · Updated 4 years ago
- ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte… ☆78 · Updated last month
- A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon ☆206 · Updated 5 years ago