Detection Rules Optimisation Integration Deployment

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for certeu from gravatar.com certeu

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: "EUPL-1.2"
  • Author: cert-eu/mlc
  • Requires: Python >=3.11.8

Project description

droid

droid is a PySigma wrapper allowing an easy adoption of Sigma and helps enabling Detection-As-Code. The ultimate goal of droid is to consume a repository Sigma rules and deploy them on one or multiple platform (SIEM/EDR). The tool also supports plain SIEM/EDR search queries.

droid workflow

🚀 Features

Key features are:

  1. Validate the syntax of Sigma rules
  2. Convert them by applying a set of transforms per log source and platform
  3. Search in logs and report on findings
  4. Test the rules by leveraging Atomic Red Team™ (work in progress)
  5. Deploy them with any compatible SIEM and EDR (.e.g. Splunk, Microsoft Sentinel)

🚂 Get started

To get started with the tool, visit the documentation page and configure droid for your environment.

📚 Resources

License

Licensed under the EUPL.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for certeu from gravatar.com certeu

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: "EUPL-1.2"
  • Author: cert-eu/mlc
  • Requires: Python >=3.11.8

Release history Release notifications | RSS feed

0.2.8

0.2.7

0.2.6

0.2.5

0.2.4

This version

0.2.3

0.2.2

0.2.1

0.2.0

0.1.5

0.1.4

0.1.3

0.1.2

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

detect_droid-0.2.3.tar.gz (37.8 kB view details)

Uploaded Source

Built Distribution

detect_droid-0.2.3-py3-none-any.whl (45.5 kB view details)

Uploaded Python 3

File details

Details for the file detect_droid-0.2.3.tar.gz.

File metadata

  • Download URL: detect_droid-0.2.3.tar.gz
  • Upload date:
  • Size: 37.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.6

File hashes

Hashes for detect_droid-0.2.3.tar.gz
Algorithm Hash digest
SHA256 022dbcde13afb39ecf0334b002ad2977017dee2f8ff6ecf5e8adb947bd98f8d1
MD5 671eafbd58b0d5c5eff0c8f5b5112e22
BLAKE2b-256 1a848d8ab1f8dde85049f197de43737d0ceeab5ef0b3d5b403c7954f6b0aff57

See more details on using hashes here.

File details

Details for the file detect_droid-0.2.3-py3-none-any.whl.

File metadata

  • Download URL: detect_droid-0.2.3-py3-none-any.whl
  • Upload date:
  • Size: 45.5 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.6

File hashes

Hashes for detect_droid-0.2.3-py3-none-any.whl
Algorithm Hash digest
SHA256 79b4340b5f36eed98e6ca130bfa6fa5d7a6a7ed70f7efb4c375c57b1c6c5a434
MD5 7862f36ab44c4386be65df7fdc9adef9
BLAKE2b-256 222c92ac5273f846dbc5d2dc5054c375f8ae356d47dd813732675452e05c8726

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page