The Open Source DetectionOps Backend
🎤 Talks
- [Lightning Talk] Hack.lu 2023: TIDeMEC (CoreTIDE): A Detection Engineering Platform Homegrown At The EC
- [Slides] FIRST Technical Colloquium Amsterdam 2024: CoreTIDE: the First Project of the OpenTIDE Family
CoreTide is a platform built over thousands of man-hours at the European Commission and fire-tested for more than two years in a production environment before being made open source. CoreTide is the backend of OpenTide, the overarching Detection Engineering framework made to empower Detection Engineering teams.
- Highly mature and standardized, cross-system Detection-as-Code
- Powerful CI/CD architecture, where the client OpenTide instance injects CoreTide, decoupling code from content
- YAML-based Meta Schemas, defining all Objects within the OpenTide framework
- Powerful self-documenting JSON Schemas, creating a first-of-its-kind IDE experience in the Detection Engineering world
- Schemas, templates and indexes that all regenerate from, and are sourced from, the client OpenTide instance configuration
- Object validation and query validation
- Self-generating documentation, producing a collection of interconnected Markdown files
- Full UUIDv4 Object system
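The object validation and UUIDv4 object system listed above can be illustrated with a small schema-driven validator. The code below is an added example written for this page, not CoreTIDE's own implementation: the field names, the `ref` keyword (a constructed extension for cross-object references), the object index and the sample detection and threat objects are all assumptions, and the YAML parsing step is skipped by writing the object as the dict a YAML loader would return.

```python
"""Validate a Detection-as-Code object against a schema, standard library only.

Added example for this page; not CoreTIDE's code. Schema, fields and sample
objects are assumptions chosen to show the checks a DaC backend performs:
required fields, types, UUIDv4 identifiers, enumerated target systems and
dangling references to other objects.
"""
import uuid

# Constructed list of target systems a detection may be deployed to.
SUPPORTED_SYSTEMS = ["splunk", "sentinel", "defender", "crowdstrike",
                     "carbon_black", "sentinelone"]

# Constructed, JSON-Schema-like meta schema for a "detection" object.
# "ref" is an assumed extension: the value must be the UUID of an existing
# object of the named type in the object index.
DETECTION_SCHEMA = {
    "required": ["uuid", "name", "description", "threat", "systems"],
    "properties": {
        "uuid": {"type": "string", "format": "uuidv4"},
        "name": {"type": "string", "minLength": 1},
        "description": {"type": "string", "minLength": 1},
        "threat": {"type": "string", "format": "uuidv4", "ref": "threats"},
        "systems": {"type": "array", "minItems": 1,
                    "items": {"type": "string", "enum": SUPPORTED_SYSTEMS}},
    },
}

TYPE_MAP = {"string": str, "array": list}


def is_uuidv4(value):
    """True only for a well-formed RFC 4122 UUID whose version nibble is 4."""
    try:
        return uuid.UUID(str(value)).version == 4
    except ValueError:
        return False


def new_object_id():
    """Mint an identifier for a new object (always a random UUIDv4)."""
    return str(uuid.uuid4())


def check_value(path, value, spec, index):
    """Check one value against its spec; return a list of error strings."""
    if not isinstance(value, TYPE_MAP[spec["type"]]):
        return [f"{path}: expected {spec['type']}, got {type(value).__name__}"]
    errors = []
    if spec.get("format") == "uuidv4" and not is_uuidv4(value):
        errors.append(f"{path}: not a UUIDv4")
    if "minLength" in spec and len(value) < spec["minLength"]:
        errors.append(f"{path}: must not be empty")
    if "enum" in spec and value not in spec["enum"]:
        errors.append(f"{path}: {value!r} not in {spec['enum']}")
    if "ref" in spec and value not in index.get(spec["ref"], set()):
        errors.append(f"{path}: dangling reference to {spec['ref']} {value}")
    if "minItems" in spec and len(value) < spec["minItems"]:
        errors.append(f"{path}: needs at least {spec['minItems']} item(s)")
    if "items" in spec:
        for i, item in enumerate(value):
            errors.extend(check_value(f"{path}[{i}]", item, spec["items"], index))
    return errors


def validate_object(obj, schema, index):
    """Validate a whole object; an empty list means it passed."""
    errors = [f"{field}: missing required field"
              for field in schema["required"] if field not in obj]
    for field, spec in schema["properties"].items():
        if field in obj:
            errors.extend(check_value(field, obj[field], spec, index))
    return errors


# Constructed sample data: one threat object already in the index, and one
# detection object as a YAML loader would return it.
THREAT_ID = "3c1f9f4e-9c3a-4c0f-8b2e-6d6b4a1e2f10"
OBJECT_INDEX = {"threats": {THREAT_ID}}
VALID_DETECTION = {
    "uuid": "7e2d0b6a-5f41-4a9e-9c3d-2b8f1e4a6c05",
    "name": "Suspicious scheduled task creation",
    "description": "Flags schtasks.exe invocations from user-writable paths.",
    "threat": THREAT_ID,
    "systems": ["splunk", "sentinel"],
}

if __name__ == "__main__":
    for label, obj in [("valid", VALID_DETECTION),
                       ("bad uuid", dict(VALID_DETECTION, uuid="7e2d0b6a-5f41-1a9e-9c3d-2b8f1e4a6c05")),
                       ("unknown system", dict(VALID_DETECTION, systems=["splunk", "elastic"]))]:
        print(label, "->", validate_object(obj, DETECTION_SCHEMA, OBJECT_INDEX) or "OK")
```

In a CI/CD pipeline of the kind described above, the validator would run over every object file on each merge request and fail the job when the error list is non-empty, so that a detection referencing a non-existent threat object or an unsupported target system never reaches the content repository.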
Supported platforms
- Carbon Black Cloud EDR
- Crowdstrike XDR
- Microsoft Sentinel
- Microsoft Defender for Endpoint XDR
- Sentinel One
- Splunk Enterprise and Splunk Enterprise Security (including advanced metadata management that allows Splunk to serve as the integration point for all analytics and the DaC alert workflow)
If you are interested in another platform, please open a feature request that includes documentation of the API endpoints allowing full management of detections on that platform.
