This repository provides a baseline template for organizations deploying osquery in a production environment, including query packs tailored to specific environments such as unwanted-chrome-extensions and windows-attacks, emphasizing careful consideration of datasets and use-cases for optimal osquery operation.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A community repository of workflow templates for the Ayehu NG platform that enables automated IT and business process execution.
RedELK is a SIEM tool designed for red teams to monitor and receive alerts about blue team detection activities during penetration testing engagements.
Shuffle is a platform for automating security workflows with confidence, offering templates, collaboration tools, and a large app library.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
RedEye is a visual analytic tool that provides enhanced situational awareness and operational insights for both Red and Blue Team cybersecurity operations.
JIMI is a flow-based orchestration automation platform that combines low-code and no-code capabilities for multi-team collaboration across IT, security, and development operations.
A community-driven repository and development framework for creating custom automation activities within the Ayehu NG IT orchestration platform.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.