#

siem

Here are 154 public repositories matching this topic...

Graylog2 / graylog2-server

Star

Open

Event Indices should not be offered when creating a new Stream

mpfz0r commented Jan 31, 2020

Read more

bug good first issue triaged

Open

Exception on server shutdown

Open

Discrepancy in display counts on Sources view

2

Find more good first issues →

SigmaHQ / sigma

Star

Open

Add further events to generic Windows audit config

thomaspatzke commented Oct 13, 2020

The generic Windows audit log config lacks many event ids, e.g.

registry events
driver load service addition events, System/7045 and Security/4697
likely others

Read more

enhancement good first issue

Open

Map EVTX samples to Sigma rules

2

Open

Add MITRE CAR taggig to rules

mozilla / MozDef

Star

MozDef: Mozilla Enterprise Defense Platform

python security elasticsearch elk siem elk-stack

Updated Jun 16, 2021
Python

outflanknl / RedELK

Star

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

security elasticsearch kibana logstash monitoring siem elastic red-teaming

Updated Jul 7, 2021
Python

lennartkoopmann / nzyme

Star

Nzyme is a free and open next-generation WiFi defense system. Go to www.nzyme.org for more information.

security graylog wifi infosec siem monitor-mode wids wifi-adapters wifi-ids management-frames

Updated Jul 13, 2021
Java

sentinel-attack

BlueTeamLabs / sentinel-attack

Star

Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK

azure detection logging cybersecurity sysmon threat-hunting siem security-tools blue-team mitre-attack workbooks sysmon-config terraform-azure kql azure-sentinel

Updated Apr 27, 2021
HCL

nsacyber / Event-Forwarding-Guidance

Star

Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber

windows event-log siem

Updated Nov 17, 2020
PowerShell

jaegeral / security-apis

Star

A collective list of public APIs for use in security. Contributions welcome

security json json-api awesome-list siem

Updated Jun 14, 2021

Meerkat

TonyPhipps / Meerkat

Star

A collection of PowerShell modules designed for artifact gathering and reconnaisance of Windows-based endpoints.

Updated Mar 16, 2021
PowerShell

vast

tenzir / vast

Sponsor Star

🔮 Visibility Across Space and Time – The network telemetry engine for data-driven security investigations.

security network-forensics incident-response actor-model bitmap-index siem soc threathunting

Updated Jul 15, 2021
C++

defenxor / dsiem

Star

Security event correlation engine for ELK stack

security elasticsearch logstash elk lookup siem ossim ossim-style-correlation

Updated Jun 27, 2021
Go

olafhartong / ATTACKdatamap

Star

A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework

dfir threat-hunting siem mitre-attack threat-detection

Updated Nov 3, 2020
PowerShell

beave / sagan

Star

** README ** This repo has MOVED to https://github.com/quadrantsec/sagan

security log syslog ids siem nsm ips log-monitoring

Updated Feb 9, 2021

n0dec / MalwLess

Star

Test Blue Team detections without running any attack.

powershell dfir sysmon siem hacktoberfest blueteam redteam mitre-attack

Updated Oct 8, 2020
C#

strontic / xcyclopedia

Star

Encyclopedia for Executables

command-line executable siem exe ssdeep soar lolbins

Updated Jan 16, 2021
PowerShell

NVISOsecurity / ee-outliers

Star

Open

Implement Local Outlier Factor as trigger_method

daanraman commented Apr 3, 2019

https://en.wikipedia.org/wiki/Local_outlier_factor

Read more

good first issue to triage

Open

Create entropy metric which takes into account the length of the string

1

Open

allow support for min_value to match terms model

TonyPhipps / SIEM

Star

SIEM Tactics, Techiques, and Procedures

Updated Jul 2, 2021

iknowjason / PurpleCloud

Star

Hybrid + Identity Cyber Range

azure dfir siem pentest purpleteam azure-lab dfir-automation

Updated Jul 15, 2021
HTML

GACWR / OpenUBA

Star

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

Updated Jul 4, 2021
Python

inodee / threathunting-spl

Star

Splunk code (SPL) for serious threat hunters and detection engineers.

rules splunk threat-hunting siem spl use-case

Updated Jun 23, 2021

P4T12ICK / ypsilon

Star

Automated Use Case Testing

security ansible splunk malware elk siem cuckoo use-case

Updated May 1, 2018
TeX

dogoncouch / LogESP

Star

Open Source SIEM (Security Information and Event Management system).

security security-audit log-analysis log syslog web-application log-collector forensics secops siem log-management risk-assessment log-parser vulnerability-management risk-management security-tools log-monitoring security-analysis asset-management security-awareness

Updated Jun 14, 2021
Python

CityBaseInc / SIAC

Star

SIAC is an enterprise SIEM built on open-source technology.

aws security incident-response elk intrusion-detection pci-dss compliance siem osquery fim secdevops wazuh

Updated Oct 31, 2018

Annsec / awesome-cybersecurity

Star

Curated list of awesome cybersecurity companies and solutions.

security malware cybersecurity siem threatintel

Updated Apr 20, 2017

Cargill / OpenSIEM-Logstash-Parsing

Star

SIEM Logstash parsing for more than hundred technologies

logstash parsing logs siem

Updated Jul 15, 2021
Python

SecurityRiskAdvisors / TALR

Star

Threat Alert Logic Repository

siem stix taxii sigma

Updated Feb 7, 2019
Shell

russelltomkins / Project-Sauron

Star

Tools to create a Native Windows Audit Collection Platform. Active Directory example provided

subscription event siem domain-controller audit-event event-forwarding wec wef

Updated Nov 5, 2019
PowerShell

ashwin-patil / blue-teaming-with-kql

Star

Repository with Sample KQL Query examples for Threat Hunting

security azure threat-hunting siem loganalytics blueteaming azure-data-explorer kql azure-sentinel

Updated Feb 19, 2021

skalogs / SkaETL

Star

Open Source ETL designed for and dedicated to Log processing and transformation

java elasticsearch logstash kafka etl logs cmdb siem

Updated Jul 2, 2021
Java

sigmai

0xThiebaut / sigmai

Star

Import specific data sources into the Sigma generic and open signature format.

security monitoring logging ids signatures siem misp sigma

Updated Jun 9, 2020
Go

Improve this page

Add a description, image, and links to the siem topic page so that developers can more easily learn about it.

Curate this topic

Add this topic to your repo

To associate your repository with the siem topic, visit your repo's landing page and select "manage topics."