Incident Handling

A collection of incident response methodologies for various security incidents, providing easy-to-use operational best practices.

A Microsoft Word template library for implementing industrial information security management systems with documentation for policy, risk management, business continuity, and incident handling.

A collection of structured incident response playbook battle cards providing prescriptive guidance and countermeasures for cybersecurity incident response operations.

Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.

A System for Abuse- and Incident Handling with log file analysis capabilities.

AWS IR is a Python command line utility for automated incident response and mitigation of instance and key compromises in Amazon Web Services environments.

FIR is a Python-based cybersecurity incident management platform designed for CSIRTs, CERTs, and SOCs to create, track, and report security incidents.

IRIS-SOAR is a Python-based modular SOAR platform that automates security incident response workflows and integrates with DFIR-IRIS for enhanced digital forensics operations.

A Python-based modular incident response tool for AWS environments that enables automated security actions across EC2, IAM, VPC, and other AWS resources.

A structured approach to managing and responding to suspected security events or incidents.

A condensed field guide for cyber security incident responders, covering incident response processes, attacker tactics, and practical techniques for handling incidents.

Template-based incident response runbooks for AWS environments following NIST guidelines to help organizations handle common cloud security incidents.