Main Sigma Rule Repository
-
Updated
Jun 5, 2024 - Python
Main Sigma Rule Repository
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Free and open log management
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
DEPRECATED - MozDef: Mozilla Enterprise Defense Platform
🐳 Elastic Stack (ELK) v8+ on Docker with Compose. Pre-configured out of the box to enable Logging, Metrics, APM, Alerting, ML, and SIEM features. Up with a Single Command.
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.
A collective list of public APIs for use in security. Contributions welcome
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
A little tool to play with Azure Identity - Azure Active Directory lab creation tool
Open source security data pipelines.
Add a description, image, and links to the siem topic page so that developers can more easily learn about it.
To associate your repository with the siem topic, visit your repo's landing page and select "manage topics."