Alerting and Detection Strategies Framework Logo

Alerting and Detection Strategies Framework

0
Free
Updated 11 March 2025
Security Operations
Incident Response
Security Operations
Visit Website

This repository provides a public version of the Alerting and Detection Strategy (ADS) framework used by the Incident Response Team at Palantir, offering building blocks for organizations to enhance their detection strategies and improve alert efficacy. The framework aims to address challenges related to the development, implementation, and documentation of alerts, ultimately increasing operational costs for attackers.

FEATURES

EXPLORE BY TAGS

Incident Response

Security Operations

SIMILAR TOOLS

VERIS Framework Logo
VERIS Framework

A standardized framework for describing and classifying cybersecurity incidents

Free
Security Operations
Beagle Logo
Beagle

Incident response and digital forensics tool for transforming data sources and logs into graphs.

Free
Security Operations
Hardentools Logo
Hardentools

Tool to disable vulnerable features in Windows and popular applications for enhanced security.

Free
Security Operations
PagerDuty Incident Response Documentation Logo
PagerDuty Incident Response Documentation

A public incident response process documentation used at PagerDuty

Free
Security Operations
Incident Response Investigation System (IRIS) Logo
Incident Response Investigation System (IRIS)

A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.

Free
Security Operations
PowerGRR Logo
PowerGRR

PowerGRR is a PowerShell module for the GRR API, allowing automation and scripting for incident response and remote live forensics.

Free
Security Operations
npm Blog Archive: Plot to steal cryptocurrency foiled by the npm security team Logo
npm Blog Archive: Plot to steal cryptocurrency foiled by the npm security team

npm security team foils plot to steal $13 million in cryptocurrency

Free
Security Operations
GRR Rapid Response Logo
GRR Rapid Response

Incident response framework focused on remote live forensics

Free
Security Operations
Wazuh Logo
Wazuh

Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.

Free
Security Operations

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy