Workflows that treat security detection logic as versioned source code with automated testing and deployment.
Distinct from Test-as-Code Frameworks: Detection-as-Code covers the full lifecycle of security detections (authoring, review, testing, and deployment), not just the testing phase.
This project is a detection-as-code framework providing a library of security monitoring rules and predefined detection content for Elasticsearch data indices. It serves as a threat detection rule library designed to identify malicious activity and attack patterns across diverse data streams in cloud and on-premises environments. The framework implements a detection engineering workflow where rules are defined in YAML and managed as versioned code. It includes a set of command-line utilities for automated rule deployment, metadata searching, and template generation, supported by a Python-base
Provides a complete framework for managing security detections through version control and automated validation.