This repository is a collection of threat detection logic, threat intelligence, and security research resources. It is organized into directories by vendor, technology, and topic.
The repository serves as a knowledge base for security professionals, providing detection techniques, incident analysis, and up-to-date research on emerging threats and vulnerabilities.
Note
The following queries are generalized and require tuning to your specific environment (e.g. data sources, indices, data streams, field mappings, exclusion lists, ...).
Tuning is required both for better search performance and for reliable, actionable results from your data (true positives rather than noise).