wagov / wasocshared
WA Cyber Security Unit (DGOV Technical) site
☆29 · Updated this week
Related projects
Alternatives and complementary repositories for wasocshared
- A tool that allows you to document and assess any security automation in your SOC ☆43 · Updated 3 weeks ago
- MISP to Sentinel integration ☆60 · Updated last week
- This directory features proven systems that demonstrate value to your threat-informed efforts using metrics. ☆97 · Updated this week
- Dettectinator - The Python library to your DeTT&CT YAML files. ☆104 · Updated this week
- A collection of various SIEM rules relating to malware family groups. ☆62 · Updated 5 months ago
- Incident Response Methodologies (IRM), also called Incident Playbook, based on the work done by the CERT Societe General ☆23 · Updated 2 years ago
- CTI Blueprints is a free suite of templates and tools that helps Cyber Threat Intelligence analysts create high-quality, actionable repor… ☆204 · Updated last year
- Sensor Mappings to ATT&CK is a collection of resources to assist cyber defenders with understanding which sensors and events can help det… ☆45 · Updated 5 months ago
- Cybersecurity Incident Response Plan ☆87 · Updated 4 years ago
- A collection of tips for using MISP. ☆74 · Updated 7 months ago
- Microsoft Sentinel, Defender for Endpoint - KQL Detection Packs ☆51 · Updated last year
- An open-source Sigma conversion tool built using pySigma ☆101 · Updated this week
- Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques ☆123 · Updated 9 months ago
- A browser extension for threat hunting that provides one UI for different SIEMs/EDRs and simplifies investigation ☆75 · Updated 6 months ago
- This code snippet retrieves Azure Sentinel rules that are mapped to MITRE ATT&CK Framework and generates the related MITRE D3FEND defense… ☆66 · Updated 3 years ago
- A community event for security researchers to share their favorite notebooks ☆106 · Updated 9 months ago
- Notes on managing and coordinating the response to major cyber incidents ☆39 · Updated 4 years ago
- Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS Terraform support. ☆125 · Updated 2 years ago
- Convert Sigma rules to LogRhythm searches ☆19 · Updated 2 years ago
- Roota is a public-domain language of threat detection and response that combines native queries from a SIEM, EDR, XDR, or Data Lake with … ☆116 · Updated 4 months ago
- Provides an advanced input.conf file for Windows and 3rd party related software with more than 70 different event log mapped to the MITRE… ☆81 · Updated last month
- ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit l… ☆145 · Updated last week
- Cyber Defence related Kusto queries for use in Azure Sentinel and Defender advanced hunting ☆57 · Updated 3 weeks ago