macOS-ATTACK-DATASET VS EVTX-to-MITRE-Attack

Compare macOS-ATTACK-DATASET vs EVTX-to-MITRE-Attack and see what are their differences.

macOS-ATTACK-DATASET

JSON DataSet for macOS mapped to MITRE ATT&CK Tactics. (by sbousseaden)
threat-hunting MacOS Detection mitre-attack Blueteam Elastic
Source Code
Suggest alternative
Edit details

EVTX-to-MITRE-Attack

Set of EVTX samples (>270) mapped to MITRE ATT&CK tactic and techniques to measure your SIEM coverage or developed new use cases. (by mdecrevoisier)
mitre-attack Siem evtx threat-hunting Redteam
Source Code
Suggest alternative
Edit details
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
macOS-ATTACK-DATASET EVTX-to-MITRE-Attack
1 2
150 475
- -
0.0 3.7
over 2 years ago about 2 months ago
- Creative Commons Zero v1.0 Universal
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

macOS-ATTACK-DATASET

Posts with mentions or reviews of macOS-ATTACK-DATASET. We have used some of these posts to build our list of alternatives and similar projects.

EVTX-to-MITRE-Attack

Posts with mentions or reviews of EVTX-to-MITRE-Attack. We have used some of these posts to build our list of alternatives and similar projects.
  • Mapping MITRE ATT&CK with Window Event Log IDs
    1 project | /r/netsecstudents | 19 May 2022
    Direct GitHub link bc ads. Like I commented last time I saw this project, I think it's a good starting point, but an important note: These mappings are 1:1. You should not limit your correlations to 1:1, but rather one ATT&CK term to many event IDs. Each technique can often be mapped to many, many different event IDs. And analysis / alerting on these events needs to be context aware, looking at other events before and after. When we approached this problem (mapping ATT&CK to detection logic) we realized there was almost never a scenario where event IDs could map 1:1 with the ATT&CK Matrix.
    1 project | /r/blueteamsec | 16 May 2022
    Source Github Link no ads.

What are some alternatives?

When comparing macOS-ATTACK-DATASET and EVTX-to-MITRE-Attack you can also consider the following projects:

sysmon-modular - A repository of sysmon configuration modules

evtx-hunter - evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.

Awesome-CobaltStrike-Defence - Defences against Cobalt Strike

SIGMA-detection-rules - Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques

Purpleteam - Purpleteam scripts simulation & Detection - trigger events for SOC detections

SysmonConfigPusher - Pushes Sysmon Configs

EVTX-ATTACK-SAMPLES - Windows Events Attack Samples

macOS-ATTACK-DATASET vs sysmon-modular EVTX-to-MITRE-Attack vs evtx-hunter macOS-ATTACK-DATASET vs Awesome-CobaltStrike-Defence EVTX-to-MITRE-Attack vs SIGMA-detection-rules macOS-ATTACK-DATASET vs Purpleteam EVTX-to-MITRE-Attack vs SysmonConfigPusher EVTX-to-MITRE-Attack vs EVTX-ATTACK-SAMPLES