This repository contains the Google SecOps components for the GreyNoise Intelligence integration, including SIEM dashboards, saved searches, detection rules, and SOAR playbooks for comprehensive threat intelligence visualization, investigation, and automated response.
| Component | Description | Path |
|---|---|---|
| Detection Rules | YARA-L rules for automated threat detection | Google SecOps SIEM/Detection Rules/ |
| Saved Searches | Predefined UDM queries for indicator investigation | Google SecOps SIEM/Saved Searches/ |
| Dashboards | Interactive dashboards for threat intelligence monitoring | Google SecOps SIEM/Dashboards/ |
📖 For detailed SIEM Integration Information, see the Google SecOps SIEM.
| Component | Description | Path |
|---|---|---|
| Playbooks | Automated response playbooks and reusable blocks | Google SecOps SOAR/Playbooks/ |
| Webhooks | Webhook configurations for alerts and feeds ingestion | Google SecOps SOAR/Webhooks/ |
📖 For detailed SOAR Integration Information, see:
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
We use SemVer for versioning. For the versions available, see the tags on this repository.
Have any questions or comments about GreyNoise? Contact us at integrations@greynoise.io
Code released under MIT License.