sysflow-telemetry / sf-collector
SysFlow collection probe
☆16Updated 3 weeks ago
Alternatives and similar repositories for sf-collector:
Users that are interested in sf-collector are comparing it to the libraries listed below
- SysFlow edge processing pipeline☆14Updated 2 weeks ago
- SysFlow documentation and issues tracker☆46Updated 4 months ago
- SysFlow project APIs☆15Updated 7 months ago
- Augmentation to Machine Readable CTI☆27Updated last month
- This repository includes a mapping table and a reference process that allows converting between STIX 2.1 Course of Action objects that ma…☆16Updated 2 years ago
- ☆39Updated 2 weeks ago
- OCA-wide documentation shared by all sub-projects and repositories☆33Updated 2 months ago
- Firepit - STIX Columnar Storage☆16Updated 7 months ago
- Adversary Emulation Planner☆38Updated 7 months ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert☆37Updated 2 years ago
- This repository hosts community contributed Kestrel huntflows (.hf) and huntbooks (.ipynb)☆32Updated last year
- This repository hosts community contributed Kestrel analytics☆16Updated 8 months ago
- Zeek support for Community ID flow hashing.☆35Updated last year
- Zeek Extension to Collect Metadata for Profiling of Endpoints and Proxies☆27Updated 10 months ago
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue…☆50Updated this week
- A STIX 2.1 Extension Definition for the Course of Action (COA) object type. The nested property extension allows a COA to share machine-r…☆23Updated last year
- Red Canary's eBPF Sensor☆101Updated 6 months ago
- Cisco Orbital - Osquery queries by Talos☆129Updated 5 months ago
- OASIS Cyber Threat Intelligence (CTI) TC: A tool for generating STIX content for prototyping and testing. https://github.com/oasis-open/c…☆40Updated 9 months ago
- Alternative YARA scanning engine☆67Updated 2 years ago
- An elevated STIX representation of the MITRE ATT&CK Groups knowledge base☆23Updated 2 years ago
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det…☆49Updated 7 months ago
- MITRE Engage™ is a framework for conducting Denial, Deception, and Adversary Engagements.☆62Updated 9 months ago
- A Zeek package that detects Zoom logins and meeting joins☆12Updated 4 years ago
- Zeek plugin to generate data on per-packet sizes and intervals☆14Updated 4 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆66Updated 2 weeks ago
- A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…☆35Updated 2 years ago
- Threat Detection Rules (Snort/Sigma/Yara)☆13Updated last year
- Threat Detection & Anomaly Detection rules for popular open-source components☆50Updated 2 years ago
- SOARCA - The Open Source CACAO-based Security Orchestrator!☆64Updated this week