
# siem
Here are 110 public repositories matching this topic...
mpfz0r commented Jan 31, 2020
thomaspatzke commented May 12, 2019
Someone should map publicly available EVTX samples to Sigma rules. This would enable us to automatically test the correctness of generated queries.
Known security-related EVTX repositories:
Feel free to extend the list.
Mapping should be:
Sigma rule -> Repository/EVTX ( -> expected matched
- Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations. (Updated Aug 20, 2020; CSS)
- Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK. Topics: azure, detection, logging, cybersecurity, sysmon, threat-hunting, siem, security-tools, blue-team, mitre-attack, workbooks, sysmon-config, terraform-azure, kql, azure-sentinel. (Updated Jul 23, 2020; HCL)
- Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (Open Source log management) setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode. (Updated Aug 17, 2020; Java)
- A collective list of public JSON APIs for use in security. Contributions welcome. (Updated Jan 11, 2020)
- A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework. (Updated Nov 8, 2019; PowerShell)
- Security event correlation engine for ELK stack. (Updated Aug 1, 2020; Go)
- Test Blue Team detections without running any attack. (Updated Apr 29, 2020; C#)
- No description. (Updated Aug 20, 2020; C++)
daanraman commented Apr 3, 2019
- Splunk code (SPL) useful for serious threat hunters. (Updated Jul 1, 2020)
- SIAC is an enterprise SIEM built on open-source technology. Topics: aws, security, incident-response, elk, intrusion-detection, pci-dss, compliance, siem, osquery, fim, secdevops, wazuh. (Updated Oct 31, 2018)
- Open Source SIEM (Security Information and Event Management system). Topics: security, security-audit, log-analysis, log, syslog, web-application, log-collector, forensics, secops, siem, log-management, risk-assessment, log-parser, vulnerability-management, risk-management, security-tools, log-monitoring, security-analysis, asset-management, security-awareness. (Updated Jun 5, 2020; Python)
- Curated list of awesome cybersecurity companies and solutions. (Updated Apr 20, 2017)
- A robust and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA] Topics: react, nodejs, flask, security, elasticsearch, machine-learning, spark, analytics, tensorflow, sklearn, elk, datascience, cybersecurity, siem, information-security, uba, anomaly-detection, user-behaviour, ueba, threathunting. (Updated May 25, 2020; Python)
- Tools to create a Native Windows Audit Collection Platform. Active Directory example provided. (Updated Nov 5, 2019; PowerShell)
- Import specific data sources into the Sigma generic and open signature format. (Updated Jun 9, 2020; Go)
- A Lambda-powered Security Orchestration framework for AWS GuardDuty. Topics: aws, cloud, aws-lambda, incident-response, cybersecurity, siem, threatintel, aws-security, blueteam, cloudsecurity, soar, aws-guardduty. (Updated Dec 15, 2019; Python)
- Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook. (Updated May 24, 2020; Shell)
- A SIEM inspired by HECTOR, built on Django. (Updated Apr 16, 2019; Python)

