This page presents our current portfolio of open source software components for cyber security automation. Please click the logos to learn more about each component’s philosophy and access the actual code.
Automate threat and incident response workflows with CACAO security playbooks
Hunt for C2 domains that were generated by DGAs and might facilitate control over criminal botnets
Generate realistic datasets for training a NIDS by simulating a real infrastructure and real attacks
Check whether an IoC is still malicious using a dynamic and data-driven method
Identify and monitor phishing kit deployment in real-time to combat phishing attacks
Classify malicious URLs using a joint set of lexicographic and certificate features
Extend Kubernetes and Docker platforms with bio-inspired self-healing properties
Share sightings and impact information in an aggregated and anonymised form via MISP