Updated Sigma2KQL script written by @CodeByHarri, plus generation of analytics and hunting rules ready for Sentinel deployment
Updated Jun 25, 2024 - Python
Awesome Security lists for SOC/CERT/CTI
Detection-as-Code CI/CD pipeline for modern security tools (SIEM, EDR, XDR, ...)
Hunting Queries for Defender ATP
Awesome list of keywords and artifacts for Threat Hunting sessions
The code powering RunReveal's documentation.
Anvilogic Forge
My Detection Engineering and Threat Hunting (DEATH) Lab.
Sigma Queries turned into KQL for Defender using pysigma
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifying malicious or unauthorized activity before it negatively impacts an individual or an organization.
A collection of various SIEM rules relating to malware family groups.
Sigma detection rules for hunting with the threathunting-keywords project
yara detection rules for hunting with the threathunting-keywords project
Splunk Security Content
Pipelined Query Language
☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
Purpleteam scripts simulation & Detection - trigger events for SOC detections
Machine learning notebooks using cybersecurity data
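Several of the repositories above (the Sigma2KQL script, the pysigma-based Sigma-to-KQL conversion for Defender) exist to turn vendor-neutral Sigma rules into Microsoft Defender advanced-hunting queries. The block below is an added example, not code from any of the listed projects or from pysigma: a deliberately small translator for a subset of Sigma (plain, `contains`, `startswith` and `endswith` modifiers, OR-ed value lists, and flat `and`/`or`/`not` conditions) that shows the mapping a real backend performs. The Sigma rule is constructed for the example and expressed as a Python dict so no YAML library is needed; the logsource-to-table and field-to-column mappings are assumptions, much smaller than the processing pipelines pysigma ships.

```python
"""Toy Sigma-to-KQL translator (added example; not pysigma, not Sigma2KQL)."""
from typing import Any

# Constructed Sigma rule for the example (a dict instead of YAML so the block
# runs with the standard library only). Field names follow Sigma's
# process_creation convention.
SAMPLE_RULE = {
    "title": "Suspicious certutil download",
    "logsource": {"category": "process_creation", "product": "windows"},
    "detection": {
        "selection": {
            "Image|endswith": "\\certutil.exe",
            "CommandLine|contains": ["urlcache", "-decode"],
        },
        "filter": {
            "ParentImage|endswith": "\\msiexec.exe",
        },
        "condition": "selection and not filter",
    },
}

# Assumed mappings for the example: Sigma logsource category -> Defender
# advanced-hunting table, and Sigma field -> Defender column. pysigma's
# pipelines cover far more categories and fields than this.
TABLE_FOR_CATEGORY = {"process_creation": "DeviceProcessEvents"}
FIELD_MAP = {
    "Image": "FolderPath",
    "CommandLine": "ProcessCommandLine",
    "ParentImage": "InitiatingProcessFolderPath",
}

# Sigma value modifiers -> KQL string operators. The unsuffixed KQL operators
# are case-insensitive, which matches Sigma's default matching semantics.
MODIFIER_OPS = {
    "contains": "contains",
    "startswith": "startswith",
    "endswith": "endswith",
}


def kql_literal(value: Any) -> str:
    """Render a value as a KQL string literal, escaping backslashes and quotes."""
    text = str(value).replace("\\", "\\\\").replace('"', '\\"')
    return f'"{text}"'


def translate_field(key: str, value: Any) -> str:
    """Translate one 'Field|modifier: value' pair into a KQL predicate.
    A list of values is OR-ed together, as Sigma semantics require."""
    field, _, modifier = key.partition("|")
    column = FIELD_MAP.get(field, field)
    if modifier == "":
        op = "=~"  # case-insensitive equality
    elif modifier in MODIFIER_OPS:
        op = MODIFIER_OPS[modifier]
    else:
        raise ValueError(f"unsupported Sigma modifier: {modifier}")
    values = value if isinstance(value, list) else [value]
    preds = [f"{column} {op} {kql_literal(v)}" for v in values]
    return preds[0] if len(preds) == 1 else "(" + " or ".join(preds) + ")"


def translate_selection(selection: dict) -> str:
    """All field pairs inside one selection map are AND-ed."""
    return "(" + " and ".join(translate_field(k, v) for k, v in selection.items()) + ")"


def translate_condition(condition: str, detection: dict) -> str:
    """Rewrite a flat Sigma condition ('a and not b', 'a or b') by replacing
    each selection name with its translated predicate. 'not' is emitted as the
    KQL not() function wrapped around the selection's own parentheses.
    Nested parentheses and '1 of them'-style aggregations are out of scope."""
    out, negate = [], False
    for token in condition.split():
        lower = token.lower()
        if lower == "not":
            negate = True
        elif lower in ("and", "or"):
            out.append(lower)
        elif token in detection and token != "condition":
            pred = translate_selection(detection[token])
            out.append("not" + pred if negate else pred)
            negate = False
        else:
            raise ValueError(f"unknown condition token: {token}")
    return " ".join(out)


def sigma_to_kql(rule: dict) -> str:
    """Produce a Defender advanced-hunting query for a Sigma rule."""
    table = TABLE_FOR_CATEGORY[rule["logsource"]["category"]]
    detection = rule["detection"]
    return f"{table}\n| where {translate_condition(detection['condition'], detection)}"


if __name__ == "__main__":
    print(sigma_to_kql(SAMPLE_RULE))
```

Running the block prints a `DeviceProcessEvents | where ...` query whose structure mirrors the rule: the selection becomes an AND of predicates, the two-element `CommandLine|contains` list becomes an OR, and the filter is negated with `not(...)`. The same three steps (table lookup, field renaming, modifier-to-operator mapping) are what a production backend does, with the difference that it also handles regex and numeric modifiers, aggregations, and per-product field pipelines, which is why the projects above build on pysigma rather than on string templates.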