Repositories
jaegeral/security-apis
A collective list of public APIs for use in security. Contributions welcome
FunnyWolf/agentic-soc-platform
Agentic SOC Platform: A powerful, flexible, open-source, and agent-centric automated security operations platform (AI SOC)
cyberark/SkyArk
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
nsacyber/Event-Forwarding-Guidance
Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
edgelesssys/constellation
Constellation is a Kubernetes distribution for confidential computing, securing entire clusters on untrusted infrastructure. Constellation is in maintenance mode. New development continues in Contrast, which provides workload-level confidential computing using Confidential Containers. 👉 https://github.com/edgelesssys/contrast
aquasecurity/cloud-security-remediation-guides
Security Remediation Guides
stackql/stackql
Query, provision and operate Cloud, SaaS, API and Model Context Protocol (MCP) resources through a unified SQL-based framework for humans and AI agents.
threathunters-io/laurel
Transform Linux Audit logs for SIEM usage
tenzir/tenzir
Tenzir is the data pipeline engine for security teams.
Funkmyster/awesome-cloud-security
A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
TonyPhipps/SIEM
SIEM Tactics, Techniques, and Procedures
iknowjason/PurpleCloud
A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4
HXSecurity/TerraformGoat
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
mthcht/ThreatHunting-Keywords
Awesome list of keywords and artifacts for Threat Hunting sessions
GACWR/OpenUBA
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [BETA]
mdecrevoisier/EVTX-to-MITRE-Attack
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases.
utmstack/UTMStack
Enterprise-ready SIEM, SOAR and Compliance powered by real-time correlation and threat intelligence.
cyberblu3s/CyberBlue
CyberSecurity BLUE TEAM containerized platform that brings together open-source tools for SIEM, DFIR, CTI, SOAR, and Network Analysis
runreveal/pql
Pipelined Query Language
opengovern/opensecurity
opensecurity: open-source security and compliance. See and secure your cloud, containers, code, networks, deployments, devices. Define your rules, get precise checks, fix gaps fast. Streamlined audits. No fluff.