

Windows Logging   Backend   Client agent
sysmon            Splunk    Splunk Universal Forwarder
sysmon            ELK       Winlogbeat

Adversary Emulation


Breach and Attack Simulation (BAS)

BAS platform:

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios.

Threat Intelligence

Threat Hunting
The MITRE Cyber Analytics Repository (CAR) is a knowledge base of analytics developed by MITRE, based on the MITRE ATT&CK adversary model.
Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner.
The Threat Hunter Playbook is a community-based open source project developed to share threat hunting concepts and aid the development of techniques and hypotheses for hunting campaigns, by leveraging security event logs from diverse operating systems.
A Splunk application containing several hunting dashboards and over 120 reports that surface initial indicators to investigate.
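The matching semantics behind a Sigma rule's detection block (selection maps whose keys are AND-ed, list values that are OR-ed, field modifiers such as endswith and contains, and a condition string combining the named maps) are easiest to see when run over real-looking events. The following is an added example, not code from the aldeid page, the Sigma project, or any Sigma backend: the rule is a hypothetical one covering encoded PowerShell commands, and the Sysmon Event ID 1 records it runs over are constructed, not captured data. It implements only the subset of the Sigma specification noted in the comments.

```python
"""Evaluate a Sigma-style detection block over Sysmon process-creation events.

Added example (not from the aldeid page or the Sigma project). Supports
the common subset of Sigma semantics: search maps, |contains/|startswith/
|endswith/|all modifiers, case-insensitive '*'/'?' wildcard matching, and
conditions built from and/or/not/parentheses. Aggregations and
'1 of selection*' style quantifiers are not implemented.
"""
import fnmatch
import re

# Hypothetical rule; the dict mirrors the YAML 'detection' block:
#   selection:
#     Image|endswith: '\powershell.exe'
#     CommandLine|contains: [' -enc ', ' -EncodedCommand ']
#   filter:
#     ParentImage|endswith: '\sccm_agent.exe'   # hypothetical benign parent
#   condition: selection and not filter
RULE = {
    "selection": {
        "Image|endswith": "\\powershell.exe",
        "CommandLine|contains": [" -enc ", " -EncodedCommand "],
    },
    "filter": {"ParentImage|endswith": "\\sccm_agent.exe"},
    "condition": "selection and not filter",
}


def _match_one(value, pattern, modifiers):
    """Sigma string match: case-insensitive, '*' and '?' act as wildcards."""
    if value is None:
        return False
    v, p = str(value).lower(), str(pattern).lower()
    if "contains" in modifiers:
        p = f"*{p}*"
    elif "startswith" in modifiers:
        p = f"{p}*"
    elif "endswith" in modifiers:
        p = f"*{p}"
    return fnmatch.fnmatchcase(v, p)


def _match_field(event, key, expected):
    """A list of values is OR-ed, unless the 'all' modifier is present."""
    field, *modifiers = key.split("|")
    patterns = expected if isinstance(expected, list) else [expected]
    hits = [_match_one(event.get(field), pat, modifiers) for pat in patterns]
    return all(hits) if "all" in modifiers else any(hits)


def _match_map(event, search_map):
    """All field/value pairs of one search map must match (AND)."""
    return all(_match_field(event, k, v) for k, v in search_map.items())


def _eval_condition(condition, truth):
    """Tiny recursive-descent evaluator for 'a and not (b or c)' style conditions."""
    tokens = re.findall(r"\(|\)|\w+", condition)
    pos = [0]

    def peek():
        return tokens[pos[0]] if pos[0] < len(tokens) else None

    def take():
        pos[0] += 1
        return tokens[pos[0] - 1]

    def parse_or():
        result = parse_and()
        while peek() == "or":
            take()
            rhs = parse_and()          # always consume the right-hand side
            result = result or rhs
        return result

    def parse_and():
        result = parse_not()
        while peek() == "and":
            take()
            rhs = parse_not()
            result = result and rhs
        return result

    def parse_not():
        if peek() == "not":
            take()
            return not parse_not()
        tok = take()
        if tok == "(":
            inner = parse_or()
            take()                     # closing ')'
            return inner
        return truth[tok]              # named search map, e.g. 'selection'

    return parse_or()


def match(rule, event):
    """True when the event satisfies the rule's condition."""
    truth = {name: _match_map(event, m) for name, m in rule.items() if name != "condition"}
    return _eval_condition(rule["condition"], truth)


def hunt(rule, events):
    """Indices of matching events; the shape a hunting report would list."""
    return [i for i, ev in enumerate(events) if match(rule, ev)]


PS = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"
# Constructed Sysmon Event ID 1 records (field names as Sysmon emits them).
EVENTS = [
    {"EventID": 1, "Image": PS, "ParentImage": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgA"},            # hit
    {"EventID": 1, "Image": PS, "ParentImage": "C:\\Agent\\sccm_agent.exe",
     "CommandLine": "powershell.exe -EncodedCommand ZwBlAHQA"},                # filtered out
    {"EventID": 1, "Image": PS, "ParentImage": "C:\\Windows\\explorer.exe",
     "CommandLine": "powershell.exe -ExecutionPolicy Bypass -File .\\build.ps1"},  # no encoding
    {"EventID": 1, "Image": "C:\\Windows\\System32\\cmd.exe", "ParentImage": "C:\\Windows\\explorer.exe",
     "CommandLine": "cmd.exe /c whoami -enc "},                                # wrong image
    {"EventID": 1, "Image": PS.upper(), "ParentImage": "C:\\Windows\\explorer.exe",
     "CommandLine": "POWERSHELL -Enc aQBlAHgA"},                               # hit, case-insensitive
]

if __name__ == "__main__":
    print("matching events:", hunt(RULE, EVENTS))
```

The filter map is what keeps a rule usable in production: the second event is a true positive for the selection but is suppressed by a known-benign parent, which is exactly the tuning step a hunter performs after a rule's first run against real telemetry.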
