New blue team

This page summarizes the projects mentioned and recommended in the original post on /r/blueteamsec

  1. dsiem

    Security event correlation engine for ELK stack

  2. sysmon-modular

    A repository of sysmon configuration modules

  3. auditd

    Best Practice Auditd Configuration

  4. auditd-attack

    A Linux Auditd rule set mapped to MITRE's Attack Framework

  5. Shuffle

    Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

  6. TheHive

    TheHive: a Scalable, Open Source and Free Security Incident Response Platform

  7. AtomicPurpleTeam

    Atomic Purple Team Framework and Lifecycle

  8. caldera

    Automated Adversary Emulation Platform

  9. RedEye

    RedEye (discontinued) is a visual analytic tool supporting Red & Blue Team operations

  10. velociraptor

    Digging Deeper....

  11. adversary_emulation_library

    An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

    This is a great callout! To help get started, check out the adversary emulation library, https://github.com/center-for-threat-informed-defense/adversary_emulation_library. There are also micro-emulation plans, described here: https://ctid.mitre-engenuity.org/our-work/micro-emulation-plans/.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Related posts

  • What adversary emulation options are there nowadays to test SIEMs and IDSs?

    1 project | /r/AskNetsec | 7 Nov 2023
  • adversary_emulation_library: An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

    1 project | /r/blueteamsec | 22 Apr 2023
  • Attack simulation tool based on CVE

    4 projects | /r/redteamsec | 6 Oct 2022
  • micro_emulation_plans: This collection expands the impact of the Adversary Emulation Library by developing easy-to-execute adversary emulation content that targets specific behaviors and challenges facing defenders

    1 project | /r/blueteamsec | 17 Sep 2022
  • Advice on purple teaming

    1 project | /r/crowdstrike | 24 Mar 2022