Cloud-DART is a comprehensive repository that provides Standard Operating Procedures (SOPs), Jupyter Notebooks, and code blocks for detection and response in cloud environments. This repository is designed to assist security professionals in automating and enhancing their cloud security posture.
- AWS Athena Searches: Pre-configured SQL queries for threat detection in AWS.
- AWS Lambdas: Python scripts for automated response actions in AWS.
- Jupyter Notebooks: Playbooks and workflows for cloud detection and response.
- MITRE Mapping: Documentation mapping CloudTrail log events to the MITRE ATT&CK framework.
- DART Program SOPs: Guidelines and templates for setting up a Detection and Response Team.
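As an added illustration of the Athena-search and MITRE-mapping components listed above (example code written for this page, not part of the Cloud-DART repository), the block below evaluates CloudTrail records against a few detection rules and tags each hit with the ATT&CK technique it maps to. Field names follow the standard CloudTrail record format; the rule set, the function names and the sample log are constructed for the example.

```python
# Added example (not Cloud-DART code): evaluate CloudTrail records against a few
# detection rules and tag each hit with the MITRE ATT&CK technique it maps to.
# Field names follow the standard CloudTrail record format; the sample records
# below are constructed for this example.
import json
from dataclasses import dataclass
from typing import Callable, Iterable


@dataclass(frozen=True)
class Rule:
    name: str
    technique: str                   # MITRE ATT&CK technique ID
    match: Callable[[dict], bool]    # returns True when a record triggers the rule


def _console_login_success(ev: dict) -> bool:
    return (ev.get("eventName") == "ConsoleLogin"
            and ev.get("responseElements", {}).get("ConsoleLogin") == "Success")


RULES = [
    # Root console use: Valid Accounts: Cloud Accounts
    Rule("root-console-login", "T1078.004",
         lambda ev: _console_login_success(ev)
         and ev.get("userIdentity", {}).get("type") == "Root"),
    # Interactive login without MFA: same technique, different hygiene gap
    Rule("console-login-without-mfa", "T1078.004",
         lambda ev: _console_login_success(ev)
         and ev.get("additionalEventData", {}).get("MFAUsed") != "Yes"),
    # Trail stopped or deleted: Impair Defenses: Disable Cloud Logs
    Rule("cloudtrail-logging-disabled", "T1562.008",
         lambda ev: ev.get("eventSource") == "cloudtrail.amazonaws.com"
         and ev.get("eventName") in {"StopLogging", "DeleteTrail"}),
    # New IAM user: Create Account: Cloud Account
    Rule("iam-user-created", "T1136.003",
         lambda ev: ev.get("eventSource") == "iam.amazonaws.com"
         and ev.get("eventName") == "CreateUser"),
]


def load_records(cloudtrail_json: str) -> list:
    """Parse a CloudTrail log file body ({"Records": [...]}) into a list of events."""
    return json.loads(cloudtrail_json).get("Records", [])


def evaluate(records: Iterable[dict]) -> list:
    """Return one finding per (record, rule) match, in record order then rule order."""
    hits = []
    for ev in records:
        for rule in RULES:
            if rule.match(ev):
                hits.append({
                    "rule": rule.name,
                    "technique": rule.technique,
                    "eventTime": ev.get("eventTime"),
                    "eventName": ev.get("eventName"),
                    "principal": ev.get("userIdentity", {}).get("arn"),
                    "sourceIPAddress": ev.get("sourceIPAddress"),
                })
    return hits


# Constructed sample log file; the account ID and IP addresses are placeholders.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-01-01T10:00:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "198.51.100.10",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::123456789012:root"},
     "responseElements": {"ConsoleLogin": "Success"},
     "additionalEventData": {"MFAUsed": "No"}},
    {"eventTime": "2024-01-01T10:05:00Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "sourceIPAddress": "198.51.100.11",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice"},
     "responseElements": {"ConsoleLogin": "Success"},
     "additionalEventData": {"MFAUsed": "Yes"}},
    {"eventTime": "2024-01-01T10:10:00Z", "eventSource": "cloudtrail.amazonaws.com",
     "eventName": "StopLogging", "sourceIPAddress": "198.51.100.10",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::123456789012:root"}},
    {"eventTime": "2024-01-01T10:12:00Z", "eventSource": "iam.amazonaws.com",
     "eventName": "CreateUser", "sourceIPAddress": "198.51.100.10",
     "userIdentity": {"type": "Root", "arn": "arn:aws:iam::123456789012:root"}},
    {"eventTime": "2024-01-01T10:15:00Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "sourceIPAddress": "198.51.100.11",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::123456789012:user/alice"}},
]})


if __name__ == "__main__":
    for hit in evaluate(load_records(SAMPLE_LOG)):
        print(json.dumps(hit))
```

The same conditions translate directly into Athena `WHERE` clauses over a CloudTrail table (`eventname`, `eventsource`, `useridentity.type`, and the JSON-typed `additionaleventdata`), so a rule can be prototyped here against sample records before it is committed as a saved query, and the `technique` field is what the MITRE mapping documentation adds on top of the raw event.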
- AWS Account
- Python 3.x
- Jupyter Notebook
- Clone the repository:
  ```shell
  git clone https://github.com/rgi-group/Cloud-DART.git
  ```
- Navigate to the directory:
  ```shell
  cd Cloud-DART
  ```
- Install required packages:
  ```shell
  pip install -r requirements.txt
  ```
- AWS Athena Searches: Navigate to the `AWS Athena Searches` folder and execute the SQL queries in your AWS Athena instance.
- AWS Lambdas: Deploy the Python scripts in the `AWS Lambdas` folder to your AWS Lambda service.
- Jupyter Notebooks: Open the notebooks in the `Jupyter Notebooks` folder using Jupyter Notebook.
Please read CONTRIBUTING.md for details on our code of conduct and the process for submitting pull requests.
This project is licensed under the MIT License - see the LICENSE.md file for details.