Welcome to the Sigma main rule repository. The place where detection engineers, threat hunters and all defensive security practitioners collaborate on detection rules. The repository offers more than 3000 detection rules of different type and aims to make reliable detections accessible to all at no cost. Sigma is an open-source tool for defining generic detection rules for security event logs, enabling security professionals to detect threats across platforms.
Red Team's SIEM - tool for Red Teams used for tracking and alarming
RedELK is a tracking and monitoring tool for Red Teams, providing insights into engagements and supporting real-time situational awareness for offensive operations.
OSSIM, AlienVault’s Open Source Security Information and Event Management (SIEM) product, provides event collection, normalization and correlation. For more advanced functionality, AlienVault Unified Security Management (USM) builds on OSSIM with these additional capabilities:
* Log management
* Advanced threat detection with a continuously updated library of pre-built correlation rules
* Actionable threat intelligence updates from AlienVault Labs Security Research Team
* Rich...
...It also enables your application to get the callback notification for the process/thread creation or termination, from the new process information you can get the parent process Id and thread Id of the new created process, you also can get the exact file name that is used to open the executable file and the command line that is used to execute the process if it is available.
Stop Cyber Threats with VM-Series Next-Gen Firewall on Azure
Native application identity and user-based security for your Azure cloud
Gain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.