socologize

phantom-rba

Share RBA-specific playbooks, apps, and custom functions

phantom-test-harness

Test harness for a more pleasurable app building experience

atc-mitigation

Actionable analytics designed to combat threats based on MITRE's ATT&CK.

atc-react

A knowledge base of actionable Incident Response techniques

sxo-05-security-workflows

Workflows, atomic actions, and documentation for SecureX orchestration

atomic-threat-coverage

Actionable analytics designed to combat threats based on MITRE's ATT&CK.

DeTTECT

Detect Tactics, Techniques & Combat Threats

email2pdf

Script to convert emails to PDF from the command-line, as well as detach recognized attachments. Helps to process incoming emails and assist automatically with a non-paper paperwork workflow. Designed to work in tandem with getmail to convert forwarded emails to PDF automatically.

ocsf-schema

OCSF Schema

OpenSIEM-Logstash-Parsing

SIEM Logstash parsing for more than hundred technologies

osquery-configuration

A repository for using osquery for incident detection and response

parser

phantom

Sample Phantom Playbooks

phantom-1

community apps for Phantom security orchestration platform

phantom-apps

Phantom Apps Repo

phantom-browserless

Splunk Phantom App for Browserless/chrome

phantom-docker

Phantom in a container

phantom_build_scripts

phantom_demo

phantom_pov

Material for a Phantom POV event

phantom_report

Python script to create a timeline PDF report from Phantom.us.

phzcatman

playbooks

Phantom Orchestration Playbooks

rastrea2r

Collecting & Hunting for IOCs with gusto and style

rastrea2r-server

Restful Server to handle requests from rastrea2r client

sandflysecurity

security_content

Splunk Security Content

SOAR_Autobahn

sxo-05-third-party-workflows

web-icons

A flexible icon family for the web