Security Operations

Wazuh

0.0

Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.

The Hive (StrangeBee)

0.0

TheHive is a case management platform for security operations teams that facilitates incident response, threat analysis, and team collaboration.

Anvilogic

0.0

Anvilogic is a SIEM platform that streamlines detection engineering, offers cost-effective data management, and enhances threat detection capabilities.

Dropzone AI

0.0

Dropzone AI is an autonomous AI agent for SOCs that performs end-to-end investigations of security alerts, integrating with existing cybersecurity tools and data sources.

Exabeam Security Operations Platform

0.0

Exabeam Security Operations Platform is a cloud-native security platform that applies AI and automation to security operations workflows for threat detection, investigation, and response.

Anomali

0.0

Anomali is an AI-Powered Security Operations Platform that delivers speed, scale, and performance at a reduced cost, combining ETL, SIEM, XDR, SOAR, and TIP to detect, investigate, respond, and remediate threats.

Crowdstrike Charlotte AI

0.0

CrowdStrike Charlotte AI is a conversational AI assistant that accelerates security operations by automating tasks and providing faster intelligence through generative AI capabilities.

Darktrace

0.0

Darktrace is a cyber security solution that uses AI to detect and prevent cyber attacks in real-time.

AWS Incident Response Investigation of API activity using Athena and notification of actions using EventBridge

0.0

A project that uses Athena and EventBridge to investigate API activity and notify of actions for incident response and misconfiguration detection.

SyntheticSun

0.0

A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.

Mature SIEM Environment for SOAR Implementation

0.0

A mature SIEM environment is critical for successful SOAR implementation.

Admyral

0.0

An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.

sysmon-modular

0.0

A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.

Hardentools

0.0

Tool to disable vulnerable features in Windows and popular applications for enhanced security.

GRR Rapid Response

0.0

Incident response framework focused on remote live forensics

Shuffle

0.0

Shuffle is a platform for automating security workflows with confidence, offering templates, collaboration tools, and a large app library.

Stronghold

0.0

Stronghold is the easiest way to securely configure your Mac.

Shapeshifter

0.0

A GraphQL security testing tool

Ripple

0.0

A panic button app for triggering a ripple effect across apps responding to panic events

InvalidSign

0.0

Tool to bypass endpoint solutions blocking known 'malicious' signed applications by obtaining valid signed files with different hashes.

Datadog

0.0

Datadog offers a comprehensive suite of cybersecurity tools for various aspects of application and infrastructure monitoring.