SIEM
SIEM framework
A comprehensive resource for developing and implementing an effective Security Information and Event Management (SIEM) system
SIEM Tactics, Techniques, and Procedures
594 stars
33 watching
103 forks
Language: PowerShell
Last commit: about 2 months ago
Linked from 1 awesome list
Topics: analysis, baseline, blue, forensics, hunt, incident, log, monitor, purple, recon, red, response, scan, security, siem, soc, team, threat, threat-hunting, triage
Related projects:
| Repository | Description | Stars |
|---|---|---|
| citybasebrooks/siac | A SIEM (Security Information and Event Management) system built to demonstrate how organizations can use open-source tools to build modern information security capabilities | 3 |
| tonyphipps/meerkat | A collection of PowerShell modules for gathering and analyzing Windows-based endpoint artifacts | 436 |
| panther-labs/panther-analysis | A repository containing pre-defined detection rules and policies for security operations at scale | 346 |
| teamdfir/sift | A suite of tools and images for building and managing digital forensics environments on AWS | 494 |
| jymcheong/autottp | Automated Tactics, Techniques & Procedures platform to simplify scripting and automation of complex security testing and research workflows | 251 |
| securityriskadvisors/talr | A repository for collecting and sharing SIEM rules in STIX format for automated translation to Sigma syntax | 90 |
| ynqa/sig | Interactive command-line search tool with real-time filtering and searching capabilities | 611 |
| demisto/cops | Standardized framework for creating and sharing incident response processes in a shared language | 151 |
| p4t12ick/ypsilon | An automated testing environment for security use cases using real malware and various tools | 165 |
| theresafewconors/sooty | A tool designed to aid cybersecurity analysts in automating routine checks and enhancing their workflow | 1,364 |
| secforce/snmp-brute | Automates brute force attempts on network devices using the SNMP protocol | 298 |
| arxsys/dff | A framework for automating digital forensic analysis and incident response | 276 |
| securityjoes/forensicminer | Automates evidence collection and analysis from Windows machines using PowerShell | 149 |
| secforce/sparta | A tool to simplify network infrastructure penetration testing by automating scanning and enumeration tasks | 1,618 |
| threathunters-io/laurel | Converts Linux audit logs into standardized JSON format for enhanced security monitoring | 722 |