
Splunk Security Content

Free

Welcome to the Splunk Security Content. This project provides access to a repository of Analytic Stories, security guides that offer insights into tactics, techniques, and procedures (TTPs) mapped to the MITRE ATT&CK Framework, Lockheed Martin Cyber Kill Chain, and CIS Controls. It includes Splunk searches, machine learning algorithms, and Splunk Phantom playbooks designed to work together for threat detection, investigation, and response. Additionally, there are sister projects like Splunk Attack Range, an attack simulation lab, and Contentctl, a tool for building, testing, and packaging content for distribution.


ALTERNATIVES

A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data. (Free)

Security-Guard helps secure microservices and serverless containers by detecting and blocking exploits. (Free)

ElastAlert is a framework for alerting on anomalies in Elasticsearch data. (Free)

A tool for advanced HTTPD logfile security analysis and forensics, implementing various techniques to detect attacks against web applications. (Free)

Sysdig is a system visibility tool with native container support. (Free)

ELAT (Event Log Analysis Tool) is a tool that helps in analyzing Windows event logs for malware detection. (Free)

Elasticsearch is a versatile platform for centralized data storage, fast search, and scalable analytics. (Free)

A service that analyzes and visualizes security data to investigate potential security issues. (Free)