jshlbrd's Stars
zeek/zeek
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
target/strelka
Real-time, container-based file scanning at enterprise scale
brexhq/substation
Substation is a toolkit for routing, normalizing, and enriching security event and audit logs.
CrowdStrike/cs-bro
Bro scripts written by CrowdStrike Services
jshlbrd/detection-engineering-pocket-guide
pocket guide for core detection engineering concepts
jshlbrd/threat-hunting-pocket-guide
pocket guide for core threat hunting concepts