
Loginsoft-Research / detection-rules

License: GPL-3.0
Threat Detection & Anomaly Detection rules for popular open-source components

Projects that are alternatives of or similar to detection-rules

Ee Outliers
Open-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (+405.88%)
Mutual labels:  threat-hunting, siem, anomaly-detection
Threathunting Spl
Splunk code (SPL) useful for serious threat hunters.
Stars: ✭ 117 (+244.12%)
Mutual labels:  threat-hunting, siem
S2AN
S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator
Stars: ✭ 70 (+105.88%)
Mutual labels:  threat-hunting, sigma
Kong-API-Manager
Kong API Manager with Prometheus And Graylog
Stars: ✭ 78 (+129.41%)
Mutual labels:  splunk, siem
Attackdatamap
A datasource assessment on an event level to show potential coverage of the MITRE ATT&CK framework
Stars: ✭ 264 (+676.47%)
Mutual labels:  threat-hunting, siem
Meerkat
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-based endpoints.
Stars: ✭ 284 (+735.29%)
Mutual labels:  threat-hunting, siem
Siem
SIEM Tactics, Techniques, and Procedures
Stars: ✭ 157 (+361.76%)
Mutual labels:  threat-hunting, siem
SyntheticSun
SyntheticSun is a defense-in-depth security automation and monitoring framework which utilizes threat intelligence, machine learning, managed AWS security services, and serverless technologies to continuously prevent, detect and respond to threats.
Stars: ✭ 49 (+44.12%)
Mutual labels:  anomaly-detection, threat-detection
Sigma
Generic Signature Format for SIEM Systems
Stars: ✭ 4,418 (+12894.12%)
Mutual labels:  splunk, siem
TA-Sysmon-deploy
Deploy and maintain Sysmon through the Splunk Deployment Server
Stars: ✭ 31 (-8.82%)
Mutual labels:  splunk, threat-hunting
thremulation-station
Small-scale threat emulation and detection range built on Elastic and Atomic Redteam.
Stars: ✭ 28 (-17.65%)
Mutual labels:  threat-hunting, threat-detection
blue-teaming-with-kql
Repository with Sample KQL Query examples for Threat Hunting
Stars: ✭ 102 (+200%)
Mutual labels:  threat-hunting, siem
Threat-Hunting-and-Detection
Repository for threat hunting and detection queries, tools, etc.
Stars: ✭ 261 (+667.65%)
Mutual labels:  threat-hunting, threat-detection
Sentinel Attack
Tools to rapidly deploy a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK
Stars: ✭ 676 (+1888.24%)
Mutual labels:  threat-hunting, siem
Openuba
A robust and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
Stars: ✭ 127 (+273.53%)
Mutual labels:  siem, anomaly-detection
Azure-Sentinel-4-SecOps
Microsoft Sentinel SOC Operations
Stars: ✭ 140 (+311.76%)
Mutual labels:  threat-hunting, siem
ansible-splunk-playbook
Install a full Splunk Enterprise Cluster or Universal forwarder using an ansible playbook
Stars: ✭ 34 (+0%)
Mutual labels:  splunk, siem
SIGMA-detection-rules
Set of SIGMA rules (>250) mapped to MITRE Att@k tactic and techniques
Stars: ✭ 97 (+185.29%)
Mutual labels:  threat-hunting, sigma
SysmonConfigPusher
Pushes Sysmon Configs
Stars: ✭ 59 (+73.53%)
Mutual labels:  threat-hunting, siem
splunk-hec-go
Splunk HTTP Event Collector (HEC) Golang library
Stars: ✭ 19 (-44.12%)
Mutual labels:  splunk

Threat Detection Rules

Threat Detection & Anomaly Detection rules for popular open-source components.

This project is one of several that our Loginsoft Research & Innovation Unit works on continuously to help organizations and contribute to the community. Our research is still in the experimental phase, so the rules provided can be altered to fit your needs.

To learn how to use these rules, have a look at our Documentation.

For more information, please have a look at our Blog Post.

If you are interested in our research or have any suggestions, please reach out through our portal; we are always listening.