w8mej / InfoSec-Blueprints
Essential playbooks & runbooks for cybersecurity operations. A dynamic resource for security pros to navigate digital threats, with best practices, incident management protocols, and community-driven updates. Elevate your security strategy and response with our AI-driven guides.
☆12 · Updated 4 months ago
Alternatives and similar repositories for InfoSec-Blueprints
Users that are interested in InfoSec-Blueprints are comparing it to the libraries listed below
- Automating Security Detection Engineering, published by Packt ☆62 · Updated 10 months ago
- Mappings Explorer enables cyber defenders to understand how security controls and capabilities map onto the adversary behaviors catalogue… ☆73 · Updated last week
- Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise ☆66 · Updated last year
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det… ☆50 · Updated 2 months ago
- The principal objective of this project is to develop a knowledge base of the tactics, techniques, and procedures (TTPs) used by insiders… ☆144 · Updated last month
- Security Scripts and Sources for daily usage. ☆65 · Updated 2 months ago
- MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository ☆119 · Updated 2 years ago
- A curated repository of incident response playbooks ☆96 · Updated 2 years ago
- Dettectinator - The Python library to your DeTT&CT YAML files. ☆116 · Updated 4 months ago
- Top ATT&CK Techniques helps defenders approach the breadth and complexity of MITRE ATT&CK® with a prioritized top 10 list of techniques t… ☆119 · Updated 3 months ago
- Creating a resource to help build and manage an Insider Threat program. ☆89 · Updated 7 months ago
- MISP Playbooks ☆207 · Updated 2 months ago
- A tool that allows you to document and assess any security automation in your SOC ☆47 · Updated 10 months ago
- 🚨ATTENTION🚨 The CVE mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as… ☆240 · Updated last year
- Integrate your Wazuh-Manager or Graylog with the SOCFortress Threat Intel Service ☆29 · Updated 11 months ago
- A collection of various SIEM rules relating to malware family groups. ☆69 · Updated last year
- ☆85 · Updated 3 weeks ago
- Apps to be used for Shuffle automation. Most of Shuffle's apps (2500+) are generated from APIs, and available in the search engine below: ☆116 · Updated last week
- The Sigma command line interface based on pySigma ☆158 · Updated last week
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques ☆136 · Updated last year
- The Infosec Community Definitive Guide to Jupyter Notebooks ☆124 · Updated 4 years ago
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed. ☆196 · Updated last year
- Blue Team detection lab created with Terraform and Ansible in Azure. ☆162 · Updated 9 months ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … ☆128 · Updated last year
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs ☆55 · Updated 2 years ago
- Import CrowdStrike Threat Intelligence into your instance of MISP ☆48 · Updated 2 months ago
- An example of how to deploy a Detection as Code pipeline using Sigma Rules, Sigmac, Gitlab CI, and Splunk. ☆58 · Updated 3 years ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆263 · Updated 5 months ago
- Resources To Learn And Understand SIGMA Rules ☆180 · Updated 2 years ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense… ☆73 · Updated 4 years ago