Detection-rules Alternatives
Similar projects and alternatives to detection-rules
- KrbRelayUp: a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default setting).
NOTE:
The number of mentions on this list counts mentions in common posts plus user-suggested alternatives.
Hence, a higher number means a better detection-rules alternative or a higher similarity.
detection-rules reviews and mentions
Posts with mentions or reviews of detection-rules.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-04-27.
- KrbRelayUp detection [Sigma] - Service Creation via Local Kerberos Authentication
- Hunt and Detect KrbRelayUp
Elastic rule: https://github.com/elastic/detection-rules/blob/main/rules/windows/credential_access_kerberoasting_unusual_process.toml
- Windows Security Logs
With regards to alerts, Elastic Security includes a ton of Windows-focused detection rules, along with the ability to create custom rules for Windows Events (or any other source).
- SIEM Test Cases
SIGMA, SOCPrime Sigma, Sigma Translator, Elastic Rules, Splunk Rules, ThreatHunter Playbook, iRedTeam, Lolbas, Atomic Red Team
- Identifies a suspicious renamed COMSVCS.DLL image load. This DLL exports the MiniDump function, which can be used to dump a process's memory. This may indicate an attempt to dump LSASS memory while bypassing command-line-based detection in preparation for credential access.
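The rule description above keys on one fact: a DLL whose PE header still says it is COMSVCS.DLL was loaded from a file with a different name, so a command-line detection looking for `comsvcs.dll MiniDump` never fires. As an added example (not code from this page and not from elastic/detection-rules, which ships its rules as TOML with EQL/KQL queries rather than Python), the block below applies that logic to constructed Sysmon Event ID 7 (Image loaded) records. The field names (ImageLoaded, OriginalFileName, Image, ProcessId) follow Sysmon's image-load event; the three records themselves are made up for the example.

```python
"""Flag image-load events where a DLL whose PE OriginalFileName is
COMSVCS.DLL was loaded from a file that is not named comsvcs.dll.

Added example: parses constructed Sysmon Event ID 7 text records and
applies the renamed-COMSVCS check that the Elastic rule describes.
"""
import ntpath
from typing import Dict, List

# Constructed Sysmon Event ID 7 records in the key/value layout Sysmon
# writes into the event message. Made up for this example, not captured
# telemetry. Record 1 is the suspicious case (comsvcs.dll copied to a
# new name and loaded by rundll32), record 2 is the normal system load,
# record 3 is a renamed DLL that is not comsvcs and must not be flagged.
SAMPLE_EVENTS = r"""
Image loaded:
UtcTime: 2024-05-03 10:15:01.100
ProcessId: 4312
Image: C:\Windows\System32\rundll32.exe
ImageLoaded: C:\Users\Public\backup.dll
OriginalFileName: COMSVCS.DLL
Signed: true
Signature: Microsoft Windows

Image loaded:
UtcTime: 2024-05-03 10:15:02.200
ProcessId: 812
Image: C:\Windows\System32\svchost.exe
ImageLoaded: C:\Windows\System32\comsvcs.dll
OriginalFileName: COMSVCS.DLL
Signed: true
Signature: Microsoft Windows

Image loaded:
UtcTime: 2024-05-03 10:15:03.300
ProcessId: 4312
Image: C:\Windows\System32\rundll32.exe
ImageLoaded: C:\Users\Public\helper.dll
OriginalFileName: vendorlib.dll
Signed: false
Signature: -
"""


def parse_events(text: str) -> List[Dict[str, str]]:
    """Split blank-line-separated 'Key: Value' records into dicts.

    Splits on the first colon only, so Windows paths (C:\...) and
    timestamps keep their own colons.
    """
    events: List[Dict[str, str]] = []
    current: Dict[str, str] = {}
    for line in text.splitlines():
        if not line.strip():
            if current:
                events.append(current)
                current = {}
            continue
        key, _, value = line.partition(":")
        current[key.strip()] = value.strip()
    if current:
        events.append(current)
    return events


def is_renamed_comsvcs(event: Dict[str, str]) -> bool:
    """True when the PE header claims COMSVCS.DLL but the on-disk name differs.

    Comparing the basename of ImageLoaded (not the full path) means a
    legitimate comsvcs.dll in System32, SysWOW64 or WinSxS is not flagged;
    only the file name mismatch is.
    """
    if event.get("OriginalFileName", "").upper() != "COMSVCS.DLL":
        return False
    loaded_name = ntpath.basename(event.get("ImageLoaded", ""))
    return loaded_name.lower() != "comsvcs.dll"


def detect(text: str) -> List[Dict[str, str]]:
    """Return the image-load records that match the renamed-COMSVCS check."""
    return [ev for ev in parse_events(text) if is_renamed_comsvcs(ev)]


if __name__ == "__main__":
    for hit in detect(SAMPLE_EVENTS):
        print(f"renamed COMSVCS.DLL loaded: pid={hit['ProcessId']} "
              f"process={hit['Image']} dll={hit['ImageLoaded']}")
```

The check deliberately ignores the loading process and the command line: an attacker who copies comsvcs.dll to backup.dll and invokes its MiniDump export by ordinal through rundll32 shows nothing recognisable on the command line, which is exactly why the rule pivots to the PE header's OriginalFileName instead.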
- I have an interview coming up this week for an IR/CSIRT role. Any tips on what to go over?
Go look at the new [Elastic Detection rules](https://github.com/elastic/detection-rules), find ways to talk about them. My favorite recent one is https://github.com/elastic/detection-rules/issues/1535
- Tool for recognizing attacks via web server logs
Stats
Basic detection-rules repo stats
Mentions: 7
Stars: 1,774
Activity: 9.7
Last commit: 7 days ago
elastic/detection-rules is an open source project licensed under the GNU General Public License v3.0 or later, which is an OSI-approved license.
The primary programming language of detection-rules is Python.