Detection Rules Optimisation Integration Deployment

Project description

droid

droid is a pySigma wrapper that makes Sigma easy to adopt and helps enable Detection-as-Code. The ultimate goal of droid is to consume a repository of Sigma rules and deploy them to one or more platforms (SIEM/EDR). The tool also supports plain SIEM/EDR search queries.

droid workflow

🚀 Features

Key features are:

  1. Validate the syntax of Sigma rules
  2. Convert them by applying a set of transforms per log source and platform
  3. Search in logs and report on findings
  4. Test the rules by leveraging Atomic Red Team™ (work in progress)
  5. Deploy them to any compatible SIEM or EDR (e.g. Splunk, Microsoft Sentinel)

🚂 Get started

To get started with the tool, visit the documentation page and configure droid for your environment.

📚 Resources

License

Licensed under the EUPL.

Download files

Source Distribution

detect_droid-0.2.5.tar.gz (38.6 kB)

Uploaded Source

Built Distribution

detect_droid-0.2.5-py3-none-any.whl (46.3 kB)

Uploaded Python 3

File details

Details for the file detect_droid-0.2.5.tar.gz.

File metadata

  • Download URL: detect_droid-0.2.5.tar.gz
  • Upload date:
  • Size: 38.6 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.7

File hashes

Hashes for detect_droid-0.2.5.tar.gz
Algorithm    Hash digest
SHA256       6fbff632bfa2fab9a0359b89f160cf7c486a53ceaae320ae3c88715c9c5100a5
MD5          8b8741cb4315f464d37f535451246dcb
BLAKE2b-256  8002b1ca6a6e15a5053a0a4daa467e84269bf09d4cd5752ce80c63a675f55408

File details

Details for the file detect_droid-0.2.5-py3-none-any.whl.

File metadata

  • Download URL: detect_droid-0.2.5-py3-none-any.whl
  • Upload date:
  • Size: 46.3 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.7

File hashes

Hashes for detect_droid-0.2.5-py3-none-any.whl
Algorithm    Hash digest
SHA256       a9c43e981bf869af88e8adc41697b5dc4fd6eaf0e0f87c5ce336473e8dab36aa
MD5          e2eb5329224a2a5fd1418676c955a62e
BLAKE2b-256  f789fef1a99d8a2c13bac8b3b2ea91a248ccd0842313757752bab7fc88d2b3a4
