Alternatives and similar repositories for IRIS-SOAR

Users that are interested in IRIS-SOAR are comparing it to the libraries listed below

• austinsonger / Elastic-Security
  Repo for Automations and other solutions for Elastic SIEM/Security.
  ☆18Updated 4 years ago
• PwC-IR / MIA-MailItemsAccessed-
  Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features…
  ☆41Updated 4 years ago
• blackstork-io / fabric-templates
  Open-source Fabric templates for cybersecurity and compliance
  ☆20Updated 5 months ago
• eric-ooi / elastic-m365
  Custom Kibana dashboards to secure and monitor Microsoft 365.
  ☆13Updated last year
• 0xAnalyst / DefenderATPQueries
  Hunting Queries for Defender ATP
  ☆82Updated 2 months ago
• invictus-ir / Blue-team-app-Office-365-and-Azure
  ☆72Updated 8 months ago
• joeavanzato / ThreatSim
  Threat Simulator for Enterprise Networks
  ☆14Updated 3 years ago
• alexverboon / DefenderResourceHub
  Defender Resource Hub
  ☆26Updated this week
• Shuffle / workflows
  Workflows for Shuffle
  ☆23Updated 2 years ago
• SecurityBagel / VulnBagel
  A collection of dashboards, templates, API's and Power BI code for vulnerability management and analysis
  ☆23Updated 4 months ago
• dfir-dd / incident-response-playbooks
  Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents
  ☆44Updated last year
• CrowdStrike / MISP-tools
  Import CrowdStrike Threat Intelligence into your instance of MISP
  ☆47Updated last week
• cylaris / awesomekql
  Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs
  ☆55Updated last year
• cutaway-security / sawh
  Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ…
  ☆53Updated 3 years ago
• guardsight / gsvsoc_mission-model
  Incident Response Report Using GitHub-Sphinx
  ☆20Updated 5 years ago
• Bert-JanP / SecScripts
  Security Scripts and Sources for daily usage.
  ☆61Updated last week
• ail-project / ail-training
  AIL project training materials
  ☆31Updated last month
• reversinglabs / reversinglabs-siem-rules
  A collection of various SIEM rules relating to malware family groups.
  ☆66Updated last year
• eshlomo1 / Azure-AD-Incident-Response
  Azure AD Incident Response
  ☆25Updated 3 years ago
• ugurkocde / KQL-Search
  ☆30Updated last year
• activecm / espy
  Endpoint detection for remote hosts for consumption by RITA and Elasticsearch
  ☆70Updated 2 years ago
• cudeso / misp2sentinel
  MISP to Sentinel integration
  ☆68Updated last week
• siemucsm / siemucsm
  SIEM USE Case Selection Methodology
  ☆16Updated 4 years ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆55Updated 3 months ago
• juaromu / wazuh
  ☆19Updated 3 years ago
• quitehacker / MITRE-ATTACK-Enterprise-Matrix-in-Excel-for-SOC
  The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp…
  ☆26Updated 5 months ago
• Truvis / Sentinel
  ☆29Updated last month
• otoriocyber / DCOM-HardeningTool
  Powershell script for Windows to retrieve the authentication hardening status of DCOM applications
  ☆21Updated 2 years ago
• HASecuritySolutions / Sysmon-Manager
  This repo contains information on how to auto deploy Sysmon via GPO and Task Scheduler
  ☆12Updated 3 years ago
• bittib010 / AjourVolAutolity
  A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.
  ☆16Updated 6 months ago