GEEK-FIRST COMMUNITY

Built by operators. For operators.

SOaC is an open-source, community-led project. Every detection, playbook, and policy is peer-reviewed and battle-tested by practitioners who live in the SOC.

Join GitHub Discussions

The primary hub for community interaction. Propose packages, share threat intel, ask questions, and collaborate on the SOaC roadmap.

Open Discussions

Discussions

Ask questions, share ideas, propose new packages, or discuss threat intelligence. This is where the community lives.

Open Discussions

Issues

Found a bug in a detection rule? A playbook not working as expected? Open an issue and the community will help.

View Issues

Pull Requests

Contribute detection rules, playbooks, policies, or lab scenarios. Every PR gets peer-reviewed before merge.

View PRs

How to contribute

  1. Fork the repo and create a feature branch
  2. Write your detection rules, playbooks, or policies following the SOaC schema
  3. Test in the Lab using simulation mode
  4. Submit a PR — every contribution gets peer-reviewed
Read CONTRIBUTING.md