Incident Management

IT alert management platform that consolidates alerts from multiple monitoring tools

Digital incident response plan built on SANS 504-B framework

Incident management platform with automation, workflows, and playbooks

SOC management platform for incident response and cyber response management

Enterprise security workflow automation platform for vulnerability management

Cloud Sniper is a centralized cloud security operations platform that provides incident response, threat correlation, and automated security actions for cloud infrastructure protection.

A panic button application that triggers coordinated emergency responses across multiple connected security applications and systems.

A collection of incident response methodologies for various security incidents, providing easy-to-use operational best practices.

SCOT is a cybersecurity incident tracking and management platform that enables security operations centers to document, analyze, and coordinate responses to security events through collaborative workflows.

A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.

A collection of structured incident response playbook battle cards providing prescriptive guidance and countermeasures for cybersecurity incident response operations.

A standardized framework for describing and classifying cybersecurity incidents

n6 is a network security incident exchange system that collects, manages, and distributes threat and incident data through REST API and web interfaces for authorized users.

Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.

Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.

Zenduty's platform provides real-time operational health monitoring and incident response orchestration to improve incident response times and build a solid on-call culture.

FIR is a Python-based cybersecurity incident management platform designed for CSIRTs, CERTs, and SOCs to create, track, and report security incidents.

A structured approach to managing and responding to suspected security events or incidents.

Catalyst is a SOAR platform that automates alert handling and incident response procedures through ticket management, templates, and playbooks.

COPS is a YAML-based schema standard for creating collaborative DFIR playbooks that provide structured guidance for incident response processes.

A comprehensive guide to developing an incident response capability through intelligence-based threat hunting, covering theoretical concepts and real-life scenarios.

Template-based incident response runbooks for AWS environments following NIST guidelines to help organizations handle common cloud security incidents.