18 tools and resources
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
A project that uses Athena and EventBridge to investigate API activity and notify of actions for incident response and misconfiguration detection.
A runtime threat management and attack path enumeration tool for cloud-native environments
A collection of incident response methodologies for various security incidents, providing easy-to-use operational best practices.
A modular, menu-driven tool for building repeatable, time-delayed, distributed security events.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
A powerful tool for analyzing and visualizing system activity timelines.
Incident response and case management solution for efficient incident response and management.
Web-based tool for incident response with easy local installation using Docker.
A network-based panic button to overwrite LUKS header and shutdown the computer in emergencies, making data recovery impossible.
Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
A community-led project focused on standardizing security event logs.
Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.
A structured approach to managing and responding to suspected security events or incidents.
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
A framework for accumulating, describing, and classifying actionable Incident Response techniques
