Detection Rules Optimisation Integration Deployment

Project description

droid

droid is a pySigma wrapper that makes adopting Sigma easy and helps enable Detection-as-Code. The ultimate goal of droid is to consume a repository of Sigma rules and deploy them on one or more platforms (SIEM/EDR). The tool also supports plain SIEM/EDR search queries.

droid workflow

🚀 Features

Key features are:

  1. Validate the syntax of Sigma rules
  2. Convert them by applying a set of transforms per log source and platform
  3. Search in logs and report on findings
  4. Test the rules by leveraging Atomic Red Team™ (work in progress)
  5. Deploy them to any compatible SIEM or EDR (e.g. Splunk, Microsoft Sentinel)

🚂 Get started

To get started with the tool, visit the documentation page and configure droid for your environment.

📚 Resources

License

Licensed under the EUPL.

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

detect_droid-0.2.2.tar.gz (37.1 kB)

Uploaded Source

Built Distribution

detect_droid-0.2.2-py3-none-any.whl (44.7 kB)

Uploaded Python 3

File details

Details for the file detect_droid-0.2.2.tar.gz.

File metadata

  • Download URL: detect_droid-0.2.2.tar.gz
  • Size: 37.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.6

File hashes

Hashes for detect_droid-0.2.2.tar.gz
Algorithm Hash digest
SHA256 b36c26896ea4c54361c174c6a597afb4761718dd9b3f8262d112088828655242
MD5 665fc24c5ab7475e3e257fa12c316ca7
BLAKE2b-256 a193e763c61ce79731588a039c87154bbff258d942e55f8b8d78ee739490775f

File details

Details for the file detect_droid-0.2.2-py3-none-any.whl.

File metadata

  • Download URL: detect_droid-0.2.2-py3-none-any.whl
  • Size: 44.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.6

File hashes

Hashes for detect_droid-0.2.2-py3-none-any.whl
Algorithm Hash digest
SHA256 316dd8dd25c8d92f95431a7bd6555a17e226749c713adcb71df19368d13f7e97
MD5 b5b3d009d7c518526a582158b211e081
BLAKE2b-256 c4e1d8e8c57173ea6dcdb2663f4ab498c546527705c69d7b8648e4866fd0afc7
