Playbooks
Browse 70 playbooks tools
FEATURED
Unified SOAR platform for centralized security management and automation
Unified SOAR platform for centralized security management and automation
Ransomware preparedness & response service with playbooks and negotiation
Ransomware preparedness & response service with playbooks and negotiation
Low-code automation builder for creating security playbooks and workflows
Low-code automation builder for creating security playbooks and workflows
Agentic AI-powered SOAR platform for security automation and case management
Agentic AI-powered SOAR platform for security automation and case management
SOAR platform for automating and orchestrating incident response workflows
SOAR platform for automating and orchestrating incident response workflows
AI-driven SOAR platform for automated incident response & threat detection
AI-driven SOAR platform for automated incident response & threat detection
Incident management platform with automation, workflows, and playbooks
Incident management platform with automation, workflows, and playbooks
XDR platform with AI-powered threat detection, investigation, and response
XDR platform with AI-powered threat detection, investigation, and response
AI-powered cyber incident response platform for training, orchestration & mgmt
AI-powered cyber incident response platform for training, orchestration & mgmt
A vendor-agnostic product for managing and analyzing cybersecurity playbooks.
A vendor-agnostic product for managing and analyzing cybersecurity playbooks.
An AWS incident response framework that uses Athena to analyze CloudTrail events and EventBridge for notifications to investigate API activity and detect security misconfigurations.
An AWS incident response framework that uses Athena to analyze CloudTrail events and EventBridge for notifications to investigate API activity and detect security misconfigurations.
SOAR platform for orchestrating security products and automating SOC workflows
SOAR platform for orchestrating security products and automating SOC workflows
A collection of structured incident response playbook battle cards providing prescriptive guidance and countermeasures for cybersecurity incident response operations.
A collection of structured incident response playbook battle cards providing prescriptive guidance and countermeasures for cybersecurity incident response operations.
Incident response and case management solution for efficient incident response and management.
Incident response and case management solution for efficient incident response and management.
SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.
SOARCA is an open-source SOAR platform that automates security incident response workflows using standardized CACAOv2 playbooks and multiple integration interfaces.
A content repository for Cortex XSOAR that provides playbooks, automation scripts, and templates for security operations automation and orchestration.
A content repository for Cortex XSOAR that provides playbooks, automation scripts, and templates for security operations automation and orchestration.
IRIS-SOAR is a Python-based modular SOAR platform that automates security incident response workflows and integrates with DFIR-IRIS for enhanced digital forensics operations.
IRIS-SOAR is a Python-based modular SOAR platform that automates security incident response workflows and integrates with DFIR-IRIS for enhanced digital forensics operations.
Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.
Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.
A repository of sample security playbooks with ARM templates for Microsoft Sentinel that enable automated security orchestration and response capabilities.
A repository of sample security playbooks with ARM templates for Microsoft Sentinel that enable automated security orchestration and response capabilities.
Catalyst is a SOAR platform that automates alert handling and incident response procedures through ticket management, templates, and playbooks.
Catalyst is a SOAR platform that automates alert handling and incident response procedures through ticket management, templates, and playbooks.
COPS is a YAML-based schema standard for creating collaborative DFIR playbooks that provide structured guidance for incident response processes.
COPS is a YAML-based schema standard for creating collaborative DFIR playbooks that provide structured guidance for incident response processes.
Template-based incident response runbooks for AWS environments following NIST guidelines to help organizations handle common cloud security incidents.
Template-based incident response runbooks for AWS environments following NIST guidelines to help organizations handle common cloud security incidents.
