FireEye Red Team Tool Countermeasures
These rules are provided freely to the community without warranty. In this GitHub repository you will find rules in multiple languages: Snort Yara ClamAV HXIOC The rules are categorized and labeled into two release states: Production: rules that are expected to perform with minimal tuning. Supplemental: rules that are known to require further environment-specific tuning and tweaking to perform, and are often used for hunting workflows. Please check back to this GitHub for updates to these rules. FireEye customers can refer to the FireEye Community (community.fireeye.com) for information on how FireEye products detect these threats. The entire risk as to quality and performance of these rules is with the users.
FEATURES
ALTERNATIVES
CINSscore.com provides Threat Intelligence database with accurate IP scores and collective defense through community and Sentinel IPS unit sourced data.
A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.
Dataplane.org is a nonprofit organization providing free data, tools, and analysis to increase awareness of Internet trends, anomalies, threats, and misconfigurations.
A tool for navigating and annotating ATT&CK matrices with the ability to define custom layers for specific views.
Deception based detection techniques with MITRE ATT&CK mapping and Honey Resources.
A library of Amazon S3 attack scenarios with mitigation strategies.
Threat hunting tool leveraging Windows events for identifying outliers and suspicious behavior.
Akamai Hunt is a managed threat hunting service that detects and remediates evasive security risks in network environments using data analysis, AI, and expert investigation.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.