stahler / QRadar
Using QRadar API
☆20Updated 6 years ago
Related projects ⓘ
Alternatives and complementary repositories for QRadar
- The Project can be used to integrate QRadar with MISP Threat Sharing Platform☆38Updated 2 years ago
- Repo of python/bash scripts for identifying IoC's in threat feed and other online tools☆26Updated 4 years ago
- Provides detection capabilities and log conversion to evtx or syslog capabilities☆52Updated 2 years ago
- Repository for SPEED SIEM Use Case Framework☆52Updated 4 years ago
- A script to create and assign SOP tasks into the cases☆18Updated 4 years ago
- ☆34Updated 3 years ago
- Library of threat hunts to get any user started!☆40Updated 4 years ago
- List of sigma for a variety of threats for multiple log sources.☆11Updated 5 years ago
- Threat Hunting with ELK Workshop (InfoSecWorld 2017)☆66Updated 7 years ago
- Recon Hunt Queries☆75Updated 3 years ago
- Incident Response Network Tools☆23Updated 3 years ago
- Incident response teams usually working on the offline data, collecting the evidence, then analyze the data☆44Updated 2 years ago
- automate your MISP installs☆66Updated 4 years ago
- Repository with Sample threat hunting notebooks on Security Event Log Data Sources☆58Updated last year
- ☆13Updated 2 years ago
- Threat Detection & Anomaly Detection rules for popular open-source components☆50Updated 2 years ago
- Volatility plugins developed and maintained by the community☆21Updated last month
- ☆77Updated 5 years ago
- A Splunk app with saved reports derived from Sigma rules☆72Updated 6 years ago
- Reference sheet for Threat Hunting Professional Course☆25Updated 5 years ago
- MasterParser is a simple, all-in-one, digital forensics artifact parser☆23Updated 3 years ago
- This repo represents work the Phantom Community collaborates on to build apps and learn.☆12Updated 3 years ago
- Utilizing your Threat data from a MISP instance into CarbonBlack Response by exposing the data in the Threat Intelligence Feed.☆19Updated 2 years ago
- Sharing Threat Hunting runbooks☆24Updated 5 years ago
- A Splunk App containing Sigma detection rules, which can be updated from a Git repository.☆107Updated 4 years ago
- Collection of useful, up to date, Carbon Black Response Queries☆83Updated 4 years ago
- Collection of walkthroughs on various threat hunting techniques☆75Updated 4 years ago
- Expert Investigation Guides☆50Updated 3 years ago
- Pulls IOCs from MISP and adds the to reference sets in QRadar☆33Updated last year