
Detection Rules Optimisation Integration Deployment

Project description

droid

droid is a pySigma wrapper that eases the adoption of Sigma and helps enable Detection-as-Code. The ultimate goal of droid is to consume a repository of Sigma rules and deploy them on one or more platforms (SIEM/EDR). The tool also supports plain SIEM/EDR search queries.

[Figure: droid workflow]

🚀 Features

Key features are:

  1. Validate the syntax of Sigma rules
  2. Convert them by applying a set of transforms per log source and platform
  3. Search in logs and report on findings
  4. Test the rules by leveraging Atomic Red Team™ (work in progress)
  5. Deploy them with any compatible SIEM and EDR (e.g. Splunk, Microsoft Sentinel)

🚂 Get started

To get started with the tool, visit the documentation page and configure droid for your environment.

📚 Resources

License

Licensed under the EUPL.

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

detect_droid-0.2.7.tar.gz (39.1 kB)

Built Distribution

detect_droid-0.2.7-py3-none-any.whl (46.7 kB)

File details

Details for the file detect_droid-0.2.7.tar.gz.

File metadata

  • Download URL: detect_droid-0.2.7.tar.gz
  • Size: 39.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.7

File hashes

Hashes for detect_droid-0.2.7.tar.gz
Algorithm Hash digest
SHA256 afc8c44f361dece90567afabc661289d55b8887e941a83cd878bfe59c0737c03
MD5 869883b251d4585cb2460e084e6e5ca4
BLAKE2b-256 6294c141a2daaa736869946b85bc6b425215f6b36d0160212137cfb06c811d25

File details

Details for the file detect_droid-0.2.7-py3-none-any.whl.

File metadata

  • Download URL: detect_droid-0.2.7-py3-none-any.whl
  • Size: 46.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.7

File hashes

Hashes for detect_droid-0.2.7-py3-none-any.whl
Algorithm Hash digest
SHA256 b34320a4cc98f0d3902b159a45a50ad1961c76e93e61a5aa0a5a6e96b481646b
MD5 a9e728ff4b1afcb88e6cdcc1b51cc8a6
BLAKE2b-256 298af718e2d766ac03fd55e2eb2f1ec9bac0589ec86781d4a2d6936c611a4741
