soar

There are 11 repositories under soar topic.

• Shuffle

  Shuffle / Shuffle

  Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

  agplv3automationcybersecuritydiscordhacktoberfestintegrationsmitre-attackopenapiorchestrationorchestratororchestrator-guisecuritysecurity-automationsecurity-orchestratorshufflesoarworkflow-editor
  Language:Shell 1876
• w5

  w5teams / w5

  Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

  automationdevopshackhackerhackingpython-scriptpython3securitysecurity-auditsecurity-automationsecurity-toolsshufflesoartoolsw5w5soarwalkoff
  Language:Python 1509

• myide / see

  基于开源组件（Inception & SQLAdvisor & SOAR）的SQL审核&SQL优化的Web平台

  djangoinceptionmysqlsoarsqladvisorvue
  Language:Vue 1478

• cyb3rxp / awesome-soc

  A collection of sources of documentation, as well as field best practices, to build/run a SOC

  architecturecertcsirtdetectionincident-responsemanagementmitre-attackpurpleteamrisk-managementsiemsirpsoasoarsoctipttp
  1342

• InQuest / ThreatIngestor

  Extract and aggregate threat intelligence.

  dfirfraud-detectionindicators-of-compromiseintelligence-gatheringiocmalware-researchmisposintsecurity-toolssoarthreat-analysisthreat-feedsthreat-huntingthreat-intelligencethreat-intelligence-platformthreat-sharingthreatintelyara
  Language:Python 851

• strontic / xcyclopedia

  Encyclopedia for Executables

  executablesiemsoarcommand-lineexelolbinsssdeep
  Language:PowerShell 436
• catalyst

  SecurityBrewery / catalyst

  ⚡️ Catalyst is a self-hosted, open source incident response platform and ticket system that helps to automate alert handling and incident response processes

  soarincident-responsedigital-forensicsdfir
  Language:Vue 382

• Admyral-Technologies / admyral

  🤖 Admyral enables continuous control monitoring for any custom control

  ai-assistantautomationcompliance-as-codecompliance-automationcompliance-platformcontrolcopilotcybersecuritygptgrcllmnextjsopen-sourcepythonsecuritysecurity-automationsecurity-compliancesoartypescriptworkflow
  Language:Python 323

• utmstack / UTMStack

  Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.

  compliancesiemsecuritysecurity-auditincident-responselog-analysislog-parsingmalware-detectionsecurity-toolsthreat-analysisthreat-detectionthreat-huntingthreat-intelligencesecurity-automationcmmchipaasoarsoc2security-operations-centersoc
  Language:Java 247

• aquasecurity / postee

  Notice: Postee is no longer under active development or maintenance.

  jiraaquadockerkubernetesoparegoslacksoarautomationcloud-nativesecuritydevsecopsmessaginggolang
  Language:Go 209

• guanguans / laravel-soar

  SQL optimizer and rewriter for laravel. - laravel 的 SQL 优化器和重写器。

  clockworkdebugdebugbarlaravellaravel-sqlmysqloptimizeoptimizerrayrewriterewritersecurity-vulnerabilitiessoarsqlsql-optimizerstatement
  Language:PHP 189

• guanguans / soar-php

  SQL optimizer and rewriter. - SQL 优化器、重写器(辅助 SQL 调优)。

  soarsqlmysqldebugphpsql-injectionsqlalchemysql-querysql-optimizeroptimizeroptimization-tools
  Language:PHP 170
• jimi

  z1pti3 / jimi

  Jimi is an automation first no-code platform designed and developed originally for Security Orchestration and Response. Since its launch jimi has developed into a fully fledged IT automation platform which effortlessly integrates with your existing tools unlocking the potential for autonomous IT and Security operations.

  asset-managementautomationit-automationjimimonitoringno-codeorchestrationsecopssecuritysoarworkflow-automationxdr
  Language:Python 165

• hequan2017 / seal

  django-base-templates 主要为 django 开发DEMO, 支持 非前后端分离 和 前后端分离模式 。

  djangocmdbdevopsdevopspythonvueiviewiview-admingraphqlgraphql-djangorestful-apirestfulkuberneteswebsshkubernetes-dashboardpython3sqlgoinceptionsoar
  Language:Python 126

• influx-code / iysql

  IYSQL - Improve Your SQL

  optimization-toolssoarsqlsqladvisor
  Language:CSS 102

• paulveillard / cybersecurity-SOAR

  A collection of awesome framework, libraries, learning tutorials, videos, webcasts, technical resources and cool stuff about Security Orchestration, Automation and Response (SOAR).

  soarorchestrationorchestration-servicesscalabilityincident-responseincident-managementcyber-threat-intelligencesecurity-hardeningos-hardeningios-hackinghacking-toolssiemdesign-patternsscalable-applicationsincident-matrixcompliance-as-codecompliantregulatory
  95

• bytedance / Elkeid-HUB

  Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team that supports streaming/offline (not yet supported by the community edition) data processing. The original intention is to solve complex data/event processing and external system linkage requirements through standardized rules.

  rule-enginesoarstream-processingevent-engineruleengine
  Language:Python 94

• ibmresilient / resilient-community-apps

  Source code for IBM SOAR Apps that are available on our App Exchange

  appsibmopen-sourceresilientsoarapphostresilient-circuits
  Language:ReScript 91

• zercurity / zercurity

  Manage, monitor and improve your cyber security posture.

  osquerycompliancecis-benchmarklinuxmacossiemsoarwindowssteampipe
  Language:Shell 89

• malwarekid / SOAR-Flow

  SOAR Automation with Shuffle, Wazuh & TheHive | This project integrates Shuffle SOAR, Wazuh SIEM, and TheHive to automate security incident response. It enriches alerts using VirusTotal & AbuseIPDB, creates incidents in TheHive, and sends real-time Discord notifications.

  cybersecurityshufflesiemsoarsocthehivewazuh
  81

• guanguans / think-soar

  SQL optimizer and rewriter extension package for thinkphp5/6 framework.

  soarsqlmysqldebug
  Language:PHP 80

• luduslibrum / awesome-playbooks

  A curated repository of incident response playbooks

  cybersecurityincident-responseplaybooksecurity-automationsecurity-orchestrationsoar
  Language:PowerShell 74

• AI0TSec / Blog

  I wish the world continues to be lively, I wish you and me are still you and me.

  aiaptblockchain-technologybypasscloud-computingdeception-defensedeep-learningdevsecopsemergency-responseiotpenetration-testingsdlsecurity-hardeningsoarweb-security
  70

• COSSAS / SOARCA

  SOARCA - The Open Source CACAO-based Security Orchestrator!

  automationcacaocacao-playbookscybersecuritysoar
  Language:Go 67
• zbn

  zbnio / zbn

  安全编排与自动化响应平台

  soarzbnzbniotoolssecuritysecurity-toolssecurity-automationhackerhackerrank-pythonpython3hackingautomation
  Language:Python 60

• ansorren / GDPatrol

  A Lambda-powered Security Orchestration framework for AWS GuardDuty

  awsaws-lambdacloudcloudsecurityaws-securityaws-guarddutysoarincident-responsecybersecuritythreatintelsiemblueteam
  Language:Python 52

• tuckner / automation-capability-matrix

  A tool that allows you to document and assess any security automation in your SOC

  automationblueteam-toolscybersecurityinfosecsoar
  Language:TypeScript 46

• cookpad / deepalert

  Serverless SOAR (Security Orchestration, Automation and Response) framework for automatic inspection and evaluation of security alert

  awsgosecurityserverlesssoar
  Language:Go 45

• ibmresilient / resilient-python-api

  Python Library for the IBM SOAR REST API, a Python SDK for developing Apps for IBM SOAR and more...

  ibmopen-sourcepythonresilientresilient-circuitssoarresilient-sdk
  Language:Python 41
• soarpkgs

  pkgforge / soarpkgs

  📦📀 Soar User Repository: Making Linux Packaging truly Portable, Simple, and Distro-Independent

  apkbuildappbundleappimageappimagesbuild-systemflatimagepackage-managementpackage-managerpkgbuildportableportable-executablerecipesrunimagerustsoarpkgsrc
  Language:Shell 34

• fkie-cad / Logprep

  log data pre processing, generation and shipping in python

  etlkafkaloglogdataloggeneratorlogshipperopensearchpreprocessingpythonsoarsre
  Language:Python 31
• lookup-editor_scripts

  mthcht / lookup-editor_scripts

  scripts using splunk application lookup-editor endpoint. Download, upload and update splunk lookups content

  apilookuplookup-tablesplunklookup-editorsplunkcloudautomationlookupssoarupdateupload
  Language:Python 29

• 13ihsan92 / Security-Blue-Team

  This repository will describe the details surrounding the SIEM (wazuh) mini project, which will cover all aspects of topology design, deployment, rules, integration, and fine tune.

  automationcybersecuritydefenddefensedefensive-securityendpoint-securitysiemsiem-developmentsoardefencedefender-for-endpointdefensivesecurity-automationsecurity-hardeningsecurity-tools
  23

• secmon-lab / alertchain

  Simple SOAR (Security Orchestration, Automation and Response) framework integrated with OPA/Rego

  oparegosecurity-toolssoar
  Language:Go 23

• banhao / AutoSpamEmailScan

  AutoSpamEmailScan.ps1 is used to monitor a specific mailbox that enterprise users can forward suspicious spam emails to a specific mailbox.

  phishingphishing-detectionspamspam-detectionesaironportews-apisoarspam-emailsquarantinesecuritysecurity-automationsecurexworkflowvirustotalgoogle-safe-browsingautomationmdatpminemeld
  Language:PowerShell 16

• GlideClient / client

  An updated version of SoarClient

  clientminecraftmixinnanovgsoarsoarclientjavalwjgl
  Language:Java 16