Analytics

Tenzir is a data pipeline solution that provides security data management capabilities through pipelines, nodes, and a centralized platform for analytics and detection operations.

A Python web application that provides statistical analysis and visualization for Glastopf honeypot data by connecting to the honeypot's SQLite database.

RedEye is a visual analytic tool that provides enhanced situational awareness and operational insights for both Red and Blue Team cybersecurity operations.

Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.

A Security Orchestration, Automation and Response (SOAR) platform for incident response and threat hunting.

Ice is an AWS cloud cost management tool that provides multi-level visibility into cloud spending and resource utilization to support informed reservation purchases and resource optimization decisions.

Unfetter is a reference implementation framework that collects events from client machines and performs CAR analytics using an ELK stack with Apache Spark to detect potential adversary activity.

A library of event-based analytics written in EQL to detect adversary behaviors identified in MITRE ATT&CK, providing detection rules for the Elastic Stack.

Enhance your Android experience with the AMAaaS Agent APK for better performance and improved user experience.

WALKOFF is an automation framework that provides drag-and-drop workflow creation capabilities for integrating security tools and automating repetitive tasks.

Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.

msticpy is a Python library for InfoSec investigation and threat hunting in Jupyter Notebooks, providing data querying, threat intelligence enrichment, analysis capabilities, and interactive visualizations.