mpfz0r
commented
Jan 31, 2020
Read more
#
siem
Here are 163 public repositories matching this topic...
thomaspatzke
commented
Oct 13, 2020
The generic Windows audit log config lacks many event ids, e.g.
- registry events
- driver load service addition events, System/7045 and Security/4697
- likely others
DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
-
Updated
Nov 2, 2021 - Python
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
-
Updated
Nov 18, 2021 - Python
Nzyme is a free and open next-generation WiFi defense system. Go to www.nzyme.org for more information.
-
Updated
Nov 27, 2021 - Java
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
azure
detection
logging
cybersecurity
sysmon
threat-hunting
siem
security-tools
blue-team
mitre-attack
workbooks
sysmon-config
terraform-azure
kql
azure-sentinel
-
Updated
Apr 27, 2021 - HCL
A collective list of public APIs for use in security. Contributions welcome
-
Updated
Jun 14, 2021
-
Updated
Nov 27, 2021 - C++
Security event correlation engine for ELK stack
-
Updated
Nov 26, 2021 - Go
A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
-
Updated
Nov 3, 2020 - PowerShell
** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
-
Updated
Feb 9, 2021
Test Blue Team detections without running any attack.
-
Updated
Oct 11, 2021 - C#
adulau
commented
Jun 4, 2021
Thanks for the initiative. It's great.
It seems that the JSON produced cannot be parsed with jq which is standard JSON parser.
cat strontic-xcyclopedia.json | jq .
parse error: Invalid string: control characters from U+0000 through U+001F must be escaped at line 22163, column 3776
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
react
nodejs
flask
security
elasticsearch
machine-learning
spark
analytics
tensorflow
sklearn
elk
datascience
cybersecurity
siem
information-security
uba
anomaly-detection
user-behaviour
ueba
threathunting
-
Updated
Nov 10, 2021 - Python
daanraman
commented
Apr 3, 2019
Hybrid + Identity Cyber Range
-
Updated
Jul 16, 2021 - HTML
Open Source SIEM (Security Information and Event Management system).
security
security-audit
log-analysis
log
syslog
web-application
log-collector
forensics
secops
siem
log-management
risk-assessment
log-parser
vulnerability-management
risk-management
security-tools
log-monitoring
security-analysis
asset-management
security-awareness
-
Updated
Jun 14, 2021 - Python
SIAC is an enterprise SIEM built on open-source technology.
aws
security
incident-response
elk
intrusion-detection
pci-dss
compliance
siem
osquery
fim
secdevops
wazuh
-
Updated
Oct 31, 2018
Repository with Sample KQL Query examples for Threat Hunting
-
Updated
Aug 6, 2021
Curated list of awesome cybersecurity companies and solutions.
-
Updated
Apr 20, 2017
Set of EVTX samples (>170) mapped to MITRE Att@k tactic and techniques to measure your SIEM coverage or developed new use cases.
-
Updated
Nov 26, 2021
Kong API Manager with Prometheus And Graylog
-
Updated
Oct 8, 2021 - Python
Improve this page
Add a description, image, and links to the siem topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the siem topic, visit your repo's landing page and select "manage topics."