Detection-as-Code CI/CD pipeline for modern security tools (SIEM, EDR, XDR, ...)
-
Updated
Jun 14, 2024 - Rust
Detection-as-Code CI/CD pipeline for modern security tools (SIEM, EDR, XDR, ...)
Awesome Security lists for SOC/CERT/CTI
Anvilogic Forge
Updated Sigma2KQL script written by @CodeByHarri
Splunk Security Content
Pipelined Query Language
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
The code powering RunReveal's documentation.
yara detection rules for hunting with the threathunting-keywords project
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
Awesome list of keywords and artifacts for Threat Hunting sessions
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Sigma detection rules for hunting with the threathunting-keywords project
Purpleteam scripts simulation & Detection - trigger events for SOC detections
Machine learning notebooks using cybersecurity data
Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-forense y detección de técnicas utilizadas por actores maliciosos para la evasión de sistemas de protección y monitorización.
Hunting Queries for Defender ATP
🐻❄️ 🏹 Threat hunting with Polars and flaws.cloud AWS CloudTrail datasets.
A pySigma wrapper and langchain toolkit for automatic rule creation/translation
Add a description, image, and links to the detection-engineering topic page so that developers can more easily learn about it.
To associate your repository with the detection-engineering topic, visit your repo's landing page and select "manage topics."