threatbus
misp-galaxy
threatbus | misp-galaxy | |
---|---|---|
4 | 3 | |
254 | 481 | |
0.0% | 1.2% | |
0.0 | 9.8 | |
about 1 year ago | 4 days ago | |
Python | Python | |
BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
threatbus
-
Ask HN: Who is hiring? (September 2021)
Tenzir | C++, ReasonML, Rust, Python | Hamburg, Germany or Remote (EU timezones) | Open-source | Full-time | https://tenzir.com
Tenzir is an early-stage startup that builds a next generation data-plane for modern Security Operations Centers. It is our mission to help defenders pull ahead by integrating widely used open source tools and building solutions that reduce the time to detect attacks and help with post-mortem investigations. To that end, we develop the high-performance C++ database [VAST](https://github.com/tenzir/vast) with a ReasonML-based frontend that is served by a Rust API. We also develop [Threat Bus](https://github.com/tenzir/threatbus), a dissemination layer for threat intelligence, which orchestrates detection and response products in a publish/subscribe architecture.
We're currently hiring for
-
Ask HN: Who is hiring? (July 2021)
Tenzir | Hamburg, Germany| DevOps Platform Engineer | FULL-TIME | REMOTE | €70-80k | https://tenzir.com
Tenzir is seeking an experienced and passionate DevOps / Platform engineer who enjoys bringing open-core security technology into production deployment shape. We cultivate a UNIX-centric mindset: security operators use our high-performance C++ database VAST (https://github.com/tenzir/vast) to hunt in telemetry data, either via the CLI or our ReasonML-based frontend getting its data through a Rust API.
We also develop Threat Bus (https://github.com/tenzir/threatbus), a messaging layer for federating security content.
=== Role & Responsibilities ===
- Improve our CI/CD pipelines for continuous releases with GitHub Actions to build projects of different languages on various platforms and to automate unit and integration testing.
- Automate continuous deployment strategies in different environments, for our own staging and production clusters, but also on-prem (appliances) or with different cloud providers.
- Implement a reliable backend infrastructure for appliance and fleet management, configuration management and multi-layer VPNs.
- Write integrations with other tools from the (security) ecosystem to support a wider range of data formats.
- Be responsible for entire infrastructure segments, from whiteboard design to implementation and automation for production systems.
=== Interview Process ===
1. Fill out the application form at https://tenzir.com/career/devops-platform-engineer/
2. Phone call to get to know each other and identify potential roadblocks (30min)
3. Technical interview(s) (1-2h)
---
If you are interested in cutting-edge C++ freelance work, or look for a local sysadmin position, please reach out directly to us at [email protected].
-
Ask HN: Who is hiring? (April 2021)
Tenzir | DevOps Platform Engineer | FULL-TIME | €70k | Hamburg, Germany | http://tenzir.com
Tenzir is seeking an experienced and passionate DevOps / Platform engineer who enjoys bringing open-core security technology into production deployment shape. We cultivate a UNIX-centric mindset: security operators use our high-performance C++ database VAST (https://github.com/tenzir/vast) to hunt in telemetry data, either via the CLI our our ReasonML-based frontend getting its data through a Rust API. We also develop Threat Bus (https://github.com/tenzir/threatbus), a dissemination layer for threat intelligence, which orchestrates detection and response.
=== Role & Responsibilities ===
As a key contributor to our infrastructure, you will improve and automate critical processes for building, packaging, and deploying our technology in test and production environments. Concretely:
-
[Hiring] Senior DevOps Platform Engineer | Cyber Security | +/-3h from Germany
Tenzir is seeking an experienced and passionate DevOps / Platform engineer who enjoys bringing open-core security technology into production deployment shape. We cultivate a UNIX-centric mindset: security operators use our high-performance C++ database VAST to hunt in telemetry data, either via the CLI our our ReasonML-based frontend getting its data through a Rust API. We also develop Threat Bus, a dissemination layer for threat intelligence, which orchestrates detection and response.
misp-galaxy
-
Foreign Travel Risks
MISP Threat Actor Galaxy
-
Profiling and Tracking Threat Actors
MISP threat actors galaxy may be of interest: https://github.com/MISP/misp-galaxy
-
Learning about apt groups
https://attack.mitre.org/groups/ this is a solid source. If you want to see the MISP list of threat actors from their service you can look here https://github.com/MISP/misp-galaxy/blob/main/clusters/threat-actor.json . The painful thing about this topic is every security vendor has a different naming convention for the threat actors in question.
What are some alternatives?
Grafana - The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
MISP-QRadar-Integration - The Project can be used to integrate QRadar with MISP Threat Sharing Platform
StratosphereLinuxIPS - Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
ThePhish - ThePhish: an automated phishing email analysis tool
gnomad-browser - Explore gnomAD datasets on the web
Watcher - Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.
tenzir - Open source security data pipelines.
MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform
misp-wireshark - Lua plugin to extract data from Wireshark and convert it into MISP format
misp-warninglists - Warning lists to inform users of MISP about potential false-positives or other information in indicators
Gravitational Teleport - The easiest, and most secure way to access and protect all of your infrastructure.
OTX-Suricata - The OTX Suricata Rule Generator can be used to create the rules and configuration for Suricata to alert on indicators from your OTX account.