Awesome Splunk SPL hunt queries that can be used to detect the latest vulnerability exploitation attempts & subsequent compromise
updated at Aug. 18, 2024, 3:49 p.m.
🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
updated at Aug. 25, 2024, 12:31 p.m.
✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The purpose is to create a reference hub for designing effective threat detection and response pipelines. 👷 🏗
updated at Sept. 11, 2024, 3:49 p.m.
Collection of YARA-L 2.0 sample rules for the Chronicle Detection API
updated at Sept. 21, 2024, 1:45 p.m.
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
updated at Sept. 21, 2024, 1:45 p.m.
A framework for developing alerting and detection strategies for incident response.
updated at Sept. 21, 2024, 1:51 p.m.
KQL Queries. Defender for Endpoint and Azure Sentinel hunting and detection queries in KQL. Out-of-the-box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
updated at Sept. 22, 2024, 12:38 a.m.
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
updated at Sept. 22, 2024, 2:58 a.m.
A curated list of resources about detecting threats and defending Kubernetes systems.
updated at Sept. 22, 2024, 2:32 p.m.