Palantir osquery Configuration
This repository provides a baseline template for organizations deploying osquery in a production environment, including query packs tailored to specific environments such as unwanted-chrome-extensions and windows-attacks, emphasizing careful consideration of datasets and use-cases for optimal osquery operation.
FEATURES
ALTERNATIVES
Tool to bypass endpoint solutions blocking known 'malicious' signed applications by obtaining valid signed files with different hashes.
Incident response platform for automating alert handling and incident response procedures.
A simple maturity model for enterprise detection and response
A System for Abuse- and Incident Handling with log file analysis capabilities.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
npm security team foils plot to steal $13 million in cryptocurrency
A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.
Repository of playbooks, scripts, and templates for automating and orchestrating Security Operations.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.