mpfz0r
commented
Jan 31, 2020
Read more
#
siem
Here are 125 public repositories matching this topic...
thomaspatzke
commented
Oct 13, 2020
The generic Windows audit log config lacks many event ids, e.g.
- registry events
- driver load service addition events, System/7045 and Security/4697
- likely others
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
-
Updated
Nov 27, 2020 - Python
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
azure
detection
logging
cybersecurity
sysmon
threat-hunting
siem
security-tools
blue-team
mitre-attack
workbooks
sysmon-config
terraform-azure
kql
azure-sentinel
-
Updated
Nov 6, 2020 - HCL
Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (Open Source log management) setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode.
-
Updated
Nov 16, 2020 - Java
A collective list of public JSON APIs for use in security. Contributions welcome
-
Updated
Nov 16, 2020
A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
-
Updated
Nov 3, 2020 - PowerShell
Security event correlation engine for ELK stack
-
Updated
Nov 25, 2020 - Go
Test Blue Team detections without running any attack.
-
Updated
Oct 8, 2020 - C#
-
Updated
Dec 4, 2020 - C++
daanraman
commented
Apr 3, 2019
Splunk code (SPL) useful for serious threat hunters.
-
Updated
Oct 30, 2020
SIAC is an enterprise SIEM built on open-source technology.
aws
security
incident-response
elk
intrusion-detection
pci-dss
compliance
siem
osquery
fim
secdevops
wazuh
-
Updated
Oct 31, 2018
Open Source SIEM (Security Information and Event Management system).
security
security-audit
log-analysis
log
syslog
web-application
log-collector
forensics
secops
siem
log-management
risk-assessment
log-parser
vulnerability-management
risk-management
security-tools
log-monitoring
security-analysis
asset-management
security-awareness
-
Updated
Jun 5, 2020 - Python
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
react
nodejs
flask
security
elasticsearch
machine-learning
spark
analytics
tensorflow
sklearn
elk
datascience
cybersecurity
siem
information-security
uba
anomaly-detection
user-behaviour
ueba
threathunting
-
Updated
Nov 13, 2020 - Python
Curated list of awesome cybersecurity companies and solutions.
-
Updated
Apr 20, 2017
Tools to create a Native Windows Audit Collection Platform. Active Directory example provided
-
Updated
Nov 5, 2019 - PowerShell
Import specific data sources into the Sigma generic and open signature format.
-
Updated
Jun 9, 2020 - Go
Encyclopedia for Executables
-
Updated
Nov 6, 2020 - PowerShell
A Lambda-powered Security Orchestration framework for AWS GuardDuty
aws
cloud
aws-lambda
incident-response
cybersecurity
siem
threatintel
aws-security
blueteam
cloudsecurity
soar
aws-guardduty
-
Updated
Dec 15, 2019 - Python
Improve this page
Add a description, image, and links to the siem topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the siem topic, visit your repo's landing page and select "manage topics."