AbuseIPDB
AbuseIPDB offers tools and APIs to report and check abusive IPs, enhancing network security.
A Splunk application containing several dashboards and over 130 reports that surface initial hunting indicators for investigation. It requires ingesting Sysmon data into Splunk and tuning to be effective. Searches are mapped to the MITRE ATT&CK framework.
Threat intelligence platform providing real-time threat data and insights.
The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.
Curated datasets for developing and testing detections in SIEM installations.
A daily collection of IOCs from various sources, including articles and tweets.
A Pythonic framework for automated threat modeling shifting left.