threat-punter/detection-as-code-example external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

threat-punter/detection-as-code-example

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/threat-punter/detection-as-code-example)

Close

threat-punter / detection-as-code-exampleView on GitHubMore

• External links
• Readme badge

A POC to implement Detection-as-Code with Terraform and Sumo Logic.

☆31Jul 27, 2023Updated 2 years ago

Alternatives and similar repositories for detection-as-code-example

Users that are interested in detection-as-code-example are comparing it to the libraries listed below

• infosecB / detection-as-code

  View on GitHub
  An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk.
  ☆60Mar 12, 2022Updated 4 years ago
• runreveal / sigmalite

  View on GitHub
  ☆56Dec 13, 2025Updated 3 months ago
• SigmaHQ / cookiecutter-pySigma-backend

  View on GitHub
  pySigma Cookiecutter backend template
  ☆24Sep 17, 2025Updated 6 months ago
• rcegan / ConvertSigmaRepo2KQL

  View on GitHub
  A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD
  ☆10Nov 7, 2023Updated 2 years ago
• LogRhythm-Services / Axon-Content

  View on GitHub
  Community content for LogRhythm Axon. Includes Dashboards, searches, analytics rules, processing policies and more.
  ☆10Jul 26, 2024Updated last year
• SigmaHQ / pySigma-backend-crowdstrike

  View on GitHub
  SigmaHQ pySigma CrowdStrike processing pipeline
  ☆28Nov 30, 2025Updated 3 months ago
• FalconForceTeam / FalconForge

  View on GitHub
  This repository is used by FalconForce to release parts of the internal tools used for maintaining, validating and automatically deployin…
  ☆18Mar 10, 2023Updated 3 years ago
• DataDog / cloud-siem-aws-threat-emulation

  View on GitHub
  A guide to simplify the process of evaluating Datadog's Cloud SIEM security capabilities to detect AWS threats.
  ☆20Jul 24, 2023Updated 2 years ago
• panther-labs / panther_analysis_tool

  View on GitHub
  Command line tool for working with Panther rules and policies
  ☆48Mar 13, 2026Updated last week
• PacktPublishing / Automating-Security-Detection-Engineering

  View on GitHub
  Automating Security Detection Engineering, published by Packt
  ☆67Oct 12, 2024Updated last year
• Loginsoft-LLC / threat-detection-rules

  View on GitHub
  Threat Detection & Anomaly Detection rules for popular open-source components
  ☆53Jul 27, 2022Updated 3 years ago
• chronicle / detection-rules

  View on GitHub
  Collection of example YARA-L rules for use within Google Security Operations
  ☆477Dec 5, 2025Updated 3 months ago
• cyberphor / scripts

  View on GitHub
  Scripts written in BASH, PowerShell, Python, and other languages.
  ☆10Aug 5, 2023Updated 2 years ago
• Permiso-io-tools / cloudtail

  View on GitHub
  ☆30Jan 13, 2026Updated 2 months ago
• threat-punter / security-publications

  View on GitHub
  Detection Engineering research, open-source tools, conference presentations, and technical publications shared with the security communit…
  ☆28Dec 17, 2025Updated 3 months ago
• Group-IB / pythf

  View on GitHub
  Malware detonation platform Polygon integration
  ☆10Aug 1, 2023Updated 2 years ago
• invictus-ir / Sigma-AWS

  View on GitHub
  This repository contains the research and components of our research into using Sigma for AWS Incident Response.
  ☆31Jul 12, 2023Updated 2 years ago
• kidcrash22 / Sysmon-Threat-Intel

  View on GitHub
  ☆13Feb 6, 2018Updated 8 years ago
• joelparkerhenderson / safety-philosophy

  View on GitHub
  Safety philosopy: example principles for an organization and management
  ☆13Apr 14, 2025Updated 11 months ago
• ninoseki / kibune

  View on GitHub
  A Sigma based detection pipeline
  ☆12Dec 15, 2023Updated 2 years ago
• Neo23x0 / evt2sigma

  View on GitHub
  Log Entry to Sigma Rule Converter
  ☆107Mar 3, 2022Updated 4 years ago
• muchdogesec / sigma2stix

  View on GitHub
  ⚠️ ARCHIVED**: This repository is no longer actively maintained. All Sigma rules are now managed and available in SIEM Rules
  ☆12Updated this week
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆163Nov 25, 2025Updated 3 months ago
• NikolasBielski / Adversarial-Detection-Engineering-Framework

  View on GitHub
  A framework and taxonomy for identifying, classifying, and reasoning about detection logic bugs in SIEM, EDR, and XDR rules, with concret…
  ☆45Mar 5, 2026Updated 2 weeks ago
• bcmc / oss

  View on GitHub
  \B\C\M\C\ Open Source Software
  ☆20Jan 3, 2022Updated 4 years ago
• themittenmac / threat-hunting-macos-book

  View on GitHub
  A companion Github repo for the book - Threat Hunting macOS by Jaron Bradley
  ☆19Jul 26, 2025Updated 7 months ago
• kitnil / awesome

  View on GitHub
  ☆13Sep 10, 2021Updated 4 years ago
• AttackIQ / SigmAIQ

  View on GitHub
  A pySigma wrapper and langchain toolkit for automatic rule creation/translation
  ☆92Nov 3, 2025Updated 4 months ago
• chronicle / ingestion-scripts

  View on GitHub
  ☆39Mar 2, 2026Updated 2 weeks ago
• Permiso-io-tools / bucket-shield

  View on GitHub
  ☆14Jan 8, 2026Updated 2 months ago
• waffl3ss / bloodpath

  View on GitHub
  Agressor script for Cobalt Strike to mark users as owned in bloodhound from the Cobalt Strike credentials tab.
  ☆12Dec 21, 2019Updated 6 years ago
• Corissalea / KQL-and-Workbooks

  View on GitHub
  Sharing presentation slides and workbook templates that can be useful to others to learn more about Azure Active Directory!
  ☆21Aug 23, 2024Updated last year
• P4T12ICK / Sigma-Rule-Repository

  View on GitHub
  Sigma Detection Rule Repository
  ☆92Jun 18, 2020Updated 5 years ago
• JPMinty / Detection_Engineering_Signatures

  View on GitHub
  YARA, SIGMA, SNORT Rules based on Malware Analysis
  ☆17Apr 23, 2025Updated 10 months ago
• SigmaHQ / pySigma-backend-splunk

  View on GitHub
  pySigma Splunk backend
  ☆41Mar 15, 2026Updated last week
• anvilogic-forge / armory

  View on GitHub
  Anvilogic Forge
  ☆116Sep 18, 2025Updated 6 months ago
• mitre / emass_client

  View on GitHub
  The eMASS client repository maintains the Enterprise Mission Assurance Support Service (eMASS) Representational State Transfer (REST) App…
  ☆26Oct 21, 2025Updated 5 months ago
• Yamato-Security / suzaku-rules

  View on GitHub
  ☆11Dec 9, 2025Updated 3 months ago
• wv8672 / AWS-Linux-Mem-Dump

  View on GitHub
  A Python, Boto3 script that leverages a forensic volume to attach & mount to a selected instance, run a memory dump, unmount and detach f…
  ☆12Jul 15, 2020Updated 5 years ago