A series of posts exploring the various foundational components of Detection Engineering
A framework for developing alerting and detection strategies for incident response.
Synthetic Adversarial Log Objects: a framework for synthetic log generation
An all-in-one Detection Engineering Operations framework created and maintained by the European Commission to convert your CTI into an actionable detection coverage graph combining threat vectors with detection objectives, and to manage your entire detection library from a central repository with a detection-as-code deployment system. The OpenTide format aims at measuring and expanding detection coverage, and its rule deployment engine is fully extensible and supports multiple platforms in parallel (leveraging each platform's technology features and native query language). OpenTide works both within a single DE team as a main framework and across SOCs as a common format to facilitate data interchange.
A longtime detection engineer outlines how a detection engineering program should be built from the ground up