{"id":15180587,"url":"https://github.com/colvert-project/colvert","last_synced_at":"2026-02-27T23:34:57.632Z","repository":{"id":255408309,"uuid":"849560271","full_name":"colvert-project/colvert","owner":"colvert-project","description":"Manage your detection use cases portfolio","archived":false,"fork":false,"pushed_at":"2024-10-17T22:02:53.000Z","size":174,"stargazers_count":1,"open_issues_count":4,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2024-10-19T13:37:05.087Z","etag":null,"topics":["bootstrap5","cert","colvert","csirt","csirt-activities","csirt-tooling","detection-use-cases","django","django-application","django-project","management","mitre-attack","python","python3","siem","siem-tools","soc"],"latest_commit_sha":null,"homepage":"https://colvert.io","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"eupl-1.2","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/colvert-project.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":null,"code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-08-29T20:12:26.000Z","updated_at":"2024-10-17T22:02:57.000Z","dependencies_parsed_at":"2024-10-23T08:19:13.814Z","dependency_job_id":null,"html_url":"https://github.com/colvert-project/colvert","commit_stats":{"total_commits":33,"total_committers":1,"mean_commits":33.0,"dds":0.0,"last_synced_commit":"c5e1ed65a534ba39affa8bb650bc9462d4116aa9"},"previous_names":["colvert-project/colvert"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/colvert-project%2Fcolvert","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/colvert-project%2Fcolvert/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/colvert-project%2Fcolvert/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/colvert-project%2Fcolvert/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/colvert-project","download_url":"https://codeload.github.com/colvert-project/colvert/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240466797,"owners_count":19805862,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bootstrap5","cert","colvert","csirt","csirt-activities","csirt-tooling","detection-use-cases","django","django-application","django-project","management","mitre-attack","python","python3","siem","siem-tools","soc"],"created_at":"2024-09-27T16:23:09.273Z","updated_at":"2026-02-27T23:34:57.624Z","avatar_url":"https://github.com/colvert-project.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Colvert\n\n[![Release](https://img.shields.io/badge/dynamic/json?logo=git\u0026logoColor=white\u0026color=blue\u0026label=Release\u0026query=tag_name\u0026url=https%3A%2F%2Fapi.github.com%2Frepos%2Fcolvert-project%2Fcolvert%2Freleases%2Flatest)](https://github.com/colvert-project/colvert/releases/latest)\n[![Documentation](https://img.shields.io/badge/Docs-docs.colvert.io-blue?logo=readthedocs\u0026logoColor=white)](https://docs.colvert.io/)\n[![Licence EUPL-1.2](https://img.shields.io/badge/Licence-EUPL--1.2-blue)](LICENCE)\n\n[![Python 3.12+](https://img.shields.io/badge/Python-3.12+-blue?logo=python\u0026logoColor=white\u0026labelColor=3776ab\u0026color=ffd43b)](https://www.python.org/)\n[![Django 5](https://img.shields.io/badge/Django-5-white?logo=django\u0026logoColor=white\u0026labelColor=092e20)](https://www.djangoproject.com/)\n[![Bootstrap 5](https://img.shields.io/badge/Bootstrap-5-white?logo=bootstrap\u0026logoColor=white\u0026labelColor=7952b3)](https://getbootstrap.com/)\n[![AdminLTE 4](https://img.shields.io/badge/AdminLTE-4-white?logo=bootstrap\u0026logoColor=white\u0026labelColor=grey)](https://adminlte.io/)\n\n**Colvert** is a tool made for cybersecurity teams (CSIRTs / SOCs) and designed to manage their portfolio of _detection use cases_ through their entire lifecycle in the context of **Information Security Event Management**.\n\n## About\n\n### Purpose\n\n**Colvert** manage the portfolio of _detection use cases_ with the possibility to document and follow-up use cases development, improvement and implementation; testing status; risk coverage compared to well-known security threats based on multiple contextual data sources; related preventive controls; and instructions for analysts triage, qualification, and correlation as playbooks and Standard Operating Procedures (SOPs).\nIt is designed to be used in the context of the _Service Area_ **Information Security Event Management** / _Service_ **Monitoring and Detection** / _Function_ **Detection Use Case Management** as defined in the [CSIRT Services Framework Version 2.1](https://www.first.org/standards/frameworks/csirts/csirt_services_framework_v2.1) from the [FIRST](https://www.first.org/):\n\n\u003e _**Purpose:**_ Manage the portfolio of detection use cases through their entire lifecycle.\n\u003e\n\u003e _**Description:**_ New detection approaches are developed, tested, and improved, and eventually onboarded into a detection use case in production. Instructions for analyst triage, qualification, and correlation need to be developed, for example in the form of playbooks and Standard Operating Procedures (SOPs). Use cases that do not perform well, i.e., that have an unfavorable benefit/effort ratio, need to be improved, redefined, or abandoned. The portfolio of detection use cases should be expanded in a risk-oriented way and in coordination with preventive controls.\n\u003e\n\u003e _**Outcome:**_ A portfolio of effective detection use cases that are relevant to the constituency is developed.\n\n### Key Features\n\nTo respond to the needs explained above, **Colvert** offers the following key features:\n\n* **Dashboards**\n* **Detection Use Cases Management**\n  * **Add / Modify / Delete** Detection Use Cases\n    * Status from idea to implementation through organized and prioritized development.\n    * Use cases _scoring_ for priorization.\n    * Enhance detection use cases with contextual data provided by connectors.\n    * _Synchronize_ detection use cases with providers catalogs.\n    * Add full rich-text documentation and additional _more-valued data fields_ as:\n      * _Runbooks_ for security analysts.\n      * Implemented queries.\n    * Add _Custom Lists_ (Whitelists, Thresholds, Scope, etc.).\n    * Attach external documents or references to.\n\n### Roadmap\n\n* Scoring System.\n* Connectors.\n* Source Logs.\n* For now, one **Colvert** instance is dedicated to one constituency. In the future, **Colvert** might be able to manage a relationship between detection use cases and multiple constituencies with also dedicated use cases by constituancy.\n* Metrics about use cases that do not perform well, i.e., that have an unfavorable benefit/effort ratio, need to be improved, redefined, or abandoned.\n\n### Why Colvert?\n\nFrom a very long brainstorming:\n\n**D**etection **U**se **C**ase \u003e\u003e\u003e **DUC** \u003e\u003e\u003e DUCK \u003e\u003e\u003e **Colvert** (Mallard duck in French).\n\nThat's it.\n\n### Links\n\n* **Website:** [colvert.io](https://colvert.io/)\n* **Documentation:** [docs.colvert.io](https://docs.colvert.io/)\n* **Git Repository:** `git clone https://github.com/colvert-project/colvert.git`\n* **Last Release:** [colvert/releases/latest](https://github.com/colvert-project/colvert/releases/latest)\n* **Packages:** [colvert-project/packages](https://github.com/orgs/colvert-project/packages)\n* **Discussions:** [colvert-project/discussions](https://github.com/orgs/colvert-project/discussions)\n* **Issues Tracker:** [colvert/issues](https://github.com/colvert-project/colvert/issues)\n\nChangelog details are available on the [releases](https://github.com/colvert-project/colvert/releases) page.\n\nAll topics about installation / deployment / usage / design / architecture / contribution / etc. can be found in [**documentation**](https://docs.colvert.io/).\n\n## Security\n\n* **Security Policy:** [colvert/security/policy](https://github.com/colvert-project/colvert/security/policy)\n* **Security Advisories:** [colvert/security/advisories](https://github.com/colvert-project/colvert/security/advisories)\n\n## Contact\n\n* Feel free to start a topic in discussions part: [colvert-project/discussions](https://github.com/orgs/colvert-project/discussions)\n* You can also contact project maintainers via mail: \u003ccontact@colvert.io\u003e\n\n## Contributing\n\n* [How to contribute?](https://github.com/colvert-project/colvert/blob/main/CONTRIBUTING.md)\n* [Colvert Contributor Code of Conduct](https://github.com/colvert-project/colvert?tab=coc-ov-file)\n\n## Contributors\n\n### Author \u0026 Project Maintainer\n\n* **Styx0x6** \u003c\u003c[github.com/styx0x6](https://github.com/styx0x6)\u003e\u003e\n\n### Contributing Developers\n\n* [Contributors Graph](https://github.com/colvert-project/colvert/graphs/contributors)\n\n### Sponsors\n\n[![styx0x6](https://github.com/styx0x6.png?size=30)](https://github.com/styx0x6)\n\n## Licence\n\n[![Licence EUPL-1.2](https://img.shields.io/badge/Licence-EUPL--1.2-blue)](LICENCE)\n\n**Colvert** - The Detection Use Case Management Tool\n\nCopyright \u0026copy; 2024  **The Colvert Contributors** (see [README.md](README.md) / [colvert/settings.py](colvert/settings.py))\n\nLicensed under the EUPL, Version 1.2 only (the \"Licence\");\nYou may not use this work except in compliance with the Licence.\nYou may obtain a copy of the Licence, available in the 23 official\nlanguages of the European Union, at:\n\n\u003chttps://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12\u003e\n\n##\n\n![CC BY-SA 4.0](https://licensebuttons.net/l/by-sa/4.0/80x15.png)\n\n[Colvert Logo](https://github.com/colvert-project/colvert/tree/main/rsc/logo) \u0026copy; 2024 by [Colvert Project Team](https://github.com/colvert-project) is licensed under [CC BY-SA 4.0](https://creativecommons.org/licenses/by-sa/4.0/?ref=chooser-v1)\n\n## Credits\n\nCredits are listed in [docs/Credits](https://docs.colvert.io/DEV_Credits.html).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcolvert-project%2Fcolvert","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcolvert-project%2Fcolvert","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcolvert-project%2Fcolvert/lists"}