There are 11 repositories under soar topic.
A collection of sources of documentation, as well as field best practices, to build/run a SOC
Extract and aggregate threat intelligence.
⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes
🤖 Admyral enables continuous control monitoring for any custom control
Notice: Postee is no longer under active development or maintenance.
SQL optimizer and rewriter for laravel.
Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch jimi has developed into a fully fledged IT automation platform which effortlessly integrates with your existing tools unlocking the potential for autonomous IT and Security operations.
django-base-templates is primarily a demo for django development, supporting both non-separated and separated front-end/back-end modes.
Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the community edition) data processing. The original intention is to solve complex data/event processing and external system linkage requirements through standardized rules.
Source code for IBM SOAR Apps that are available on our App Exchange
A collection of awesome frameworks, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Orchestration, Automation and Response (SOAR).
SQL optimizer and rewriter extension package for thinkphp5/6 framework.
A curated repository of incident response playbooks
A tool that allows you to document and assess any security automation in your SOC
Python Library for the IBM SOAR REST API, a Python SDK for developing Apps for IBM SOAR and more...
Scripts using the splunk application lookup-editor endpoint. Download, upload and update splunk lookups content.
This repository will describe the details surrounding the SIEM (wazuh) mini project, which will cover all aspects of topology design, deployment, rules, integration, and fine-tuning.
Simple SOAR (Security Orchestration, Automation and Response) framework integrated with OPA/Rego
AutoSpamEmailScan.ps1 is used to monitor a specific mailbox to which enterprise users can forward suspicious spam emails.
Goodman Data Reduction Pipeline
A repository used as a Go module to help out with Shuffle development, and to ensure we reuse code structures everywhere.
All in one platform to create internal applications, automate workflows, and build web pages.
Automate your SOC with SEKOIA.IO's Automation Library. Pull Requests are always welcome and highly appreciated!