
Detection Rules Optimisation Integration Deployment

Project description

droid

droid is a PySigma wrapper that makes adopting Sigma easy and helps enable Detection-as-Code. The ultimate goal of droid is to consume a repository of Sigma rules and deploy them on one or more platforms (SIEM/EDR). The tool also supports plain SIEM/EDR search queries.

droid workflow

🚀 Features

Key features are:

  1. Validate the syntax of Sigma rules
  2. Convert them by applying a set of transforms per log source and platform
  3. Search in logs and report on findings
  4. Test the rules by leveraging Atomic Red Team™ (work in progress)
  5. Deploy them with any compatible SIEM and EDR (e.g. Splunk, Microsoft Sentinel)

🚂 Get started

To get started with the tool, visit the documentation page and configure droid for your environment.

📚 Resources

License

Licensed under the EUPL.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

detect_droid-0.2.1.tar.gz (36.7 kB view details)

Uploaded Source

Built Distribution

detect_droid-0.2.1-py3-none-any.whl (44.2 kB view details)

Uploaded Python 3

File details

Details for the file detect_droid-0.2.1.tar.gz.

File metadata

  • Download URL: detect_droid-0.2.1.tar.gz
  • Upload date:
  • Size: 36.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.6

File hashes

Hashes for detect_droid-0.2.1.tar.gz
Algorithm Hash digest
SHA256 43ec1d105205efd7690fd8b15bac37054a1c1eafecf1cddf796b35445ad2fa42
MD5 b29fe0f577b8e52e630d22cc0dd0fd86
BLAKE2b-256 fe0829175bc500db9fc48b8a8dfece64a293a9a1f0bba850de57ae03aabb627b

See more details on using hashes here.

File details

Details for the file detect_droid-0.2.1-py3-none-any.whl.

File metadata

  • Download URL: detect_droid-0.2.1-py3-none-any.whl
  • Upload date:
  • Size: 44.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.6

File hashes

Hashes for detect_droid-0.2.1-py3-none-any.whl
Algorithm Hash digest
SHA256 b699ca204161e8fe9ec76085312aec3227b118dbcbb4c7d03592e39fadfb593d
MD5 b545bd1143d41aea9492cac58ceb40b4
BLAKE2b-256 9488b3e24653870f8ecd1ea9035c97a64e8c8e6a9b26f823897bc0b2833c73e6

See more details on using hashes here.
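The hash tables above are only useful if they are actually checked before the distribution is installed. The script below is an added example and is not part of the detect_droid project: it recomputes the SHA-256 and BLAKE2b-256 digests of a downloaded file, compares them in constant time against the digests published on this page, and builds a hash-pinned requirement line for `pip install --require-hashes`. The published digests are copied from this page; the sample bytes in the test and the function names are constructed for illustration.

```python
"""Verify a downloaded PyPI distribution against published digests.

Added example, not code from the detect_droid project. The digests in
PUBLISHED are copied from the PyPI page for detect_droid 0.2.1; every
other value is constructed for illustration.
"""
import hashlib
import hmac
from pathlib import Path

# Digests published on the project page for the two 0.2.1 files.
PUBLISHED = {
    "detect_droid-0.2.1.tar.gz": {
        "sha256": "43ec1d105205efd7690fd8b15bac37054a1c1eafecf1cddf796b35445ad2fa42",
        "blake2b_256": "fe0829175bc500db9fc48b8a8dfece64a293a9a1f0bba850de57ae03aabb627b",
    },
    "detect_droid-0.2.1-py3-none-any.whl": {
        "sha256": "b699ca204161e8fe9ec76085312aec3227b118dbcbb4c7d03592e39fadfb593d",
        "blake2b_256": "9488b3e24653870f8ecd1ea9035c97a64e8c8e6a9b26f823897bc0b2833c73e6",
    },
}


def compute_digests(data: bytes) -> dict:
    """Return hex digests in the collision-resistant algorithms PyPI publishes.

    MD5 is listed on the page but deliberately not used here: it offers no
    assurance against a deliberately substituted artifact.
    """
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        # PyPI's "BLAKE2b-256" is BLAKE2b with a 32-byte digest.
        "blake2b_256": hashlib.blake2b(data, digest_size=32).hexdigest(),
    }


def verify_artifact(data: bytes, expected: dict) -> dict:
    """Compare computed digests with the expected ones.

    Returns {algorithm: matched}. The comparison is constant-time so a
    verifier that runs on attacker-influenced input does not leak how many
    leading characters matched.
    """
    actual = compute_digests(data)
    return {
        alg: hmac.compare_digest(actual[alg], exp.lower())
        for alg, exp in expected.items()
        if alg in actual
    }


def all_match(results: dict) -> bool:
    """True only if at least one algorithm was checked and every one matched."""
    return bool(results) and all(results.values())


def verify_file(path: str) -> bool:
    """Verify a downloaded file whose name appears in PUBLISHED."""
    p = Path(path)
    expected = PUBLISHED[p.name]  # KeyError for files this page does not list
    return all_match(verify_artifact(p.read_bytes(), expected))


def pip_hash_requirement(name: str, version: str, sha256: str) -> str:
    """Requirement line for `pip install --require-hashes -r requirements.txt`."""
    return f"{name}=={version} --hash=sha256:{sha256}"


if __name__ == "__main__":
    # Usage: python verify_droid.py detect_droid-0.2.1.tar.gz
    import sys
    ok = verify_file(sys.argv[1])
    print("digests match" if ok else "DIGEST MISMATCH: do not install")
    raise SystemExit(0 if ok else 1)
```

With the SHA-256 line pinned in a requirements file, `pip install --require-hashes` refuses to install any distribution whose digest differs from the one recorded, which turns a manual check into an enforced one.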
