mpfz0r
commented
Jan 31, 2020
Read more
#
siem
Here are 120 public repositories matching this topic...
thomaspatzke
commented
Oct 13, 2020
The generic Windows audit log config lacks many event ids, e.g.
- registry events
- driver load service addition events, System/7045 and Security/4697
- likely others
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
-
Updated
Oct 10, 2020 - CSS
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
azure
detection
logging
cybersecurity
sysmon
threat-hunting
siem
security-tools
blue-team
mitre-attack
workbooks
sysmon-config
terraform-azure
kql
azure-sentinel
-
Updated
Aug 28, 2020 - HCL
Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (Open Source log management) setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode.
-
Updated
Oct 13, 2020 - Java
A collective list of public JSON APIs for use in security. Contributions welcome
-
Updated
Oct 6, 2020
A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
-
Updated
Oct 7, 2020 - PowerShell
Security event correlation engine for ELK stack
-
Updated
Sep 14, 2020 - Go
Test Blue Team detections without running any attack.
-
Updated
Oct 8, 2020 - C#
-
Updated
Oct 14, 2020 - C++
daanraman
commented
Apr 3, 2019
Splunk code (SPL) useful for serious threat hunters.
-
Updated
Jul 1, 2020
SIAC is an enterprise SIEM built on open-source technology.
aws
security
incident-response
elk
intrusion-detection
pci-dss
compliance
siem
osquery
fim
secdevops
wazuh
-
Updated
Oct 31, 2018
Open Source SIEM (Security Information and Event Management system).
security
security-audit
log-analysis
log
syslog
web-application
log-collector
forensics
secops
siem
log-management
risk-assessment
log-parser
vulnerability-management
risk-management
security-tools
log-monitoring
security-analysis
asset-management
security-awareness
-
Updated
Jun 5, 2020 - Python
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
react
nodejs
flask
security
elasticsearch
machine-learning
spark
analytics
tensorflow
sklearn
elk
datascience
cybersecurity
siem
information-security
uba
anomaly-detection
user-behaviour
ueba
threathunting
-
Updated
Sep 25, 2020 - Python
Curated list of awesome cybersecurity companies and solutions.
-
Updated
Apr 20, 2017
Tools to create a Native Windows Audit Collection Platform. Active Directory example provided
-
Updated
Nov 5, 2019 - PowerShell
Import specific data sources into the Sigma generic and open signature format.
-
Updated
Jun 9, 2020 - Go
A Lambda-powered Security Orchestration framework for AWS GuardDuty
aws
cloud
aws-lambda
incident-response
cybersecurity
siem
threatintel
aws-security
blueteam
cloudsecurity
soar
aws-guardduty
-
Updated
Dec 15, 2019 - Python
Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook
-
Updated
May 24, 2020 - Shell
Improve this page
Add a description, image, and links to the siem topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the siem topic, visit your repo's landing page and select "manage topics."