Bunlar açıkça satıcıya özel olmasına rağmen, mantığın nasıl çalıştığı, benzer algılama kullanım durumlarının diğer platformlarda uygulanmasında faydalıdır.
Elastik
Elastic'in tespit kuralları
https://github.com/elastic/detection-rules/tree/main/rules →
https://github.com/elastic/detection-rules/tree/main/rules
Microsoft Sentinel / Defender 365
Microsoft Sentinel → YAYINDAN KALDIRILDI
Microsoft Sentinel'in algılama kuralları
https://github.com/Azure/Azure-Sentinel/tree/master/Detections →
https://github.com/Azure/Azure-Sentinel/tree/master/Detections
ve arama sorguları
https://github.com/Azure/Azure-Sentinel/tree/master/Hunting%20Queries →
https://github.com/Azure/Azure-Sentinel/tree/master/Hunting%20Queries
Bu, Sentinel resmi değildir ancak Sentinel çalıştırıyorsanız yine de potansiyel olarak yararlı olabilir.
https://github.com/BlueTeamLabs/sentinel-attack →
https://github.com/BlueTeamLabs/sentinel-attack
Sentinel KQL sorgularının seçilmiş listesi
https://github.com/reprise99/Sentinel-Queries →
https://github.com/reprise99/Sentinel-Queries
Harika KQL
https://github.com/cylaris/awesomekql →
https://github.com/cylaris/awesomekql
FalconForce'un Uç Nokta Kuralları için Microsoft Defender'ı
https://github.com/FalconForceTeam/FalconFriday →
https://github.com/FalconForceTeam/FalconFriday
Google Chronicle
Google Chronicle'ın algılama kuralları
https://github.com/chronicle/detection-rules →
https://github.com/chronicle/detection-rules
Dan Lussier'in Chronicle için kural seti
https://github.com/the2dl/chronicle_detection_public →
https://github.com/the2dl/chronicle_detection_public
Chronicle Rehberi
https://www.crestdatasys.com/blogs/google-chronicle-security-threat-detection-and-hunting/ → YAYINDAN KALDIRILDI
https://www.crestdatasys.com/blogs/google-chronicle-security-threat-detection-and-hunting/ YAYINDAN KALDIRILDI
Splunk
Splunk'un Security Essentials algılama kuralları
https://research.splunk.com/detections/ →
https://research.splunk.com/detections/
https://docs.splunk.com/Documentation/SSE →
https://docs.splunk.com/Documentation/SSE
https://github.com/splunk/security_content/tree/develop/detections →
https://github.com/splunk/security_content/tree/develop/detections
Abdullah Baghuth'un Splunk kullanım örnekleri
https://0xcybery.github.io/blog/Splunk+Use+Cases →
https://0xcybery.github.io/blog/Splunk+Use+Cases
Wuzah
Açık kaynaklı bir tehdit tespit platformu olan Wazuh'un kuralları
https://github.com/wazuh/wazuh/tree/master/ruleset →
https://github.com/wazuh/wazuh/tree/master/ruleset
Panter Laboratuvarları
Panther Labs güvenlik analitiği platformunun kuralları. Bunlar özellikle bulut odaklıdır
https://github.com/panther-labs/panther-analysis →
https://github.com/panther-labs/panther-analysis
DNIF
DNIF'in SIEM platformunun kuralları
https://github.com/dnif/content → YAYINDAN KALDIRILDI
https://github.com/dnif/content YAYINDAN KALDIRILDI
Sofo
Sophos'un IOC deposu