Sentrilite is a Cloud Runtime Threat Detection & Active Response against Zero-Day Attacks

A POC to implement Detection-as-Code with Terraform and Sumo Logic.

A Python-native Detection as Code Framework

A Pythonic Detection Rules Framework

Resource for all things threat detection

A Panther Global Helper for enriching alerts using the Axonius CAASM platform

Sentrilite Control Plane to manage Sentrilite Agents

Sentrilite EDR/XDR for Windows: Detection-As-Code, Observability, Security & Live Telemetry with AI/LLM Insights

Security infrastructure · Detection as code · Multi-cloud

This detection engineering repo is for the Detection as Code CI/CD pipeline

A comprehensive, modular Detection as Code framework for Microsoft Sentinel, deployable through Terraform with centralised configuration and automated documentation.

Jibril Runtime Security Public Types. Important for unmarshalling events and similar needs.

All things Detection Engineering from Proposal to Detection-as-Code repository for Microsoft Sentinel and eventually Splunk. YAML-based detection rules mapped to MITRE ATT&CK and Cyber Kill Chain stages, enriched with lifecycle tags and automated for CI/CD deployment.

AI-Generated Code Detector for CI/CD Pipelines (EXPERIMENTAL)

A curated library of production-grade Splunk ES 8 detection rules, mapped to MITRE ATT&CK and NIST frameworks.