Tools and platforms for managing and optimizing security operations centers (SOCs). Explore 128 curated tools and resources.
Automated Digital Forensics and Incident Response (DFIR) software for rapid incident response and intrusion investigations.
A module-based AWS response tool for incident response in AWS environments.
A custom activity repository for Ayehu NG automation platform, allowing users to create and modify activities to fit their specific needs.
Fast suspicious file finder for threat hunting and live forensics.
A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.
Splunk SOAR Connectors migrated to a new GitHub organization for better organization and management.
Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.
AWS Community repository of custom Config rules with instructions for leveraging and developing AWS Config Rules.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
npm security team foils plot to steal $13 million in cryptocurrency
Sample security playbooks for security orchestration, automation and response (SOAR) using the Microsoft Sentinel trigger.
Receive important notifications and updates related to North American electric grid security.
Incident response and digital forensics tool for transforming data sources and logs into graphs.
Public incident response process documentation used at PagerDuty.
A Live Response collection script for Incident Response that automates the collection of artifacts from various Unix-like operating systems.
A framework for accumulating, describing, and classifying actionable Incident Response techniques
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
Incident response platform for automating alert handling and incident response procedures.
Malware allows attackers to execute Windows commands from a remote environment
A modular incident response framework in Powershell that uses Powershell Remoting to collect data for incident response and breach hunts.
jimi is an orchestration automation tool for multi-team collaboration and automation in IT/Security operations, Development, and CI/CD pipelines.
A DFIR Playbook Spec based on YAML for collaborative incident response processes.
Scalable, cost-effective application recovery to AWS.
Incident Response Documentation tool for tracking findings and tasks.