swiftbird07 / IRIS-SOAR
IRIS-SOAR: Modular SOAR (Security Orchestration, Automation, and Response) implementation in Python. Designed to complement DFIR-IRIS through playbook automation and seamless integrations. Easily extensible and in active development. Join us in building a tool geared towards enhancing security efficiency!
★ 10 · Updated last year
Alternatives and similar repositories for IRIS-SOAR
Users that are interested in IRIS-SOAR are comparing it to the libraries listed below
- Repo for Automations and other solutions for Elastic SIEM/Security. ★ 18 · Updated 4 years ago
- Tool to extract Sessions, MessageID(s) and find the emails belonging to MessageID(s). This script utilizes the MailItemsAccessed features… ★ 41 · Updated 4 years ago
- Open-source Fabric templates for cybersecurity and compliance ★ 20 · Updated 5 months ago
- Custom Kibana dashboards to secure and monitor Microsoft 365. ★ 13 · Updated last year
- Hunting Queries for Defender ATP ★ 82 · Updated 2 months ago
- ★ 72 · Updated 8 months ago
- Threat Simulator for Enterprise Networks ★ 14 · Updated 3 years ago
- Defender Resource Hub ★ 26 · Updated this week
- Workflows for Shuffle ★ 23 · Updated 2 years ago
- A collection of dashboards, templates, APIs and Power BI code for vulnerability management and analysis ★ 23 · Updated 4 months ago
- Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents ★ 44 · Updated last year
- Import CrowdStrike Threat Intelligence into your instance of MISP ★ 47 · Updated last week
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs ★ 55 · Updated last year
- Stand-Alone Windows Hardening (SAWH) is a script to reduce the attack surface of Windows systems that are not attached to a Windows Activ… ★ 53 · Updated 3 years ago
- Incident Response Report Using GitHub-Sphinx ★ 20 · Updated 5 years ago
- Security Scripts and Sources for daily usage. ★ 61 · Updated last week
- AIL project training materials ★ 31 · Updated last month
- A collection of various SIEM rules relating to malware family groups. ★ 66 · Updated last year
- Azure AD Incident Response ★ 25 · Updated 3 years ago
- ★ 30 · Updated last year
- Endpoint detection for remote hosts for consumption by RITA and Elasticsearch ★ 70 · Updated 2 years ago
- MISP to Sentinel integration ★ 68 · Updated last week
- SIEM Use Case Selection Methodology ★ 16 · Updated 4 years ago
- Sigma detection rules for hunting with the threathunting-keywords project ★ 55 · Updated 3 months ago
- ★ 19 · Updated 3 years ago
- The Enhanced MITRE ATT&CK® Coverage Tracker is an Excel tool for SOCs to measure and improve detection coverage of cyber threats. It simp… ★ 26 · Updated 5 months ago
- ★ 29 · Updated last month
- PowerShell script for Windows to retrieve the authentication hardening status of DCOM applications ★ 21 · Updated 2 years ago
- This repo contains information on how to auto deploy Sysmon via GPO and Task Scheduler ★ 12 · Updated 3 years ago
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX. ★ 16 · Updated 6 months ago