Security Incident Response
Explore 19 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A case management platform for Security Operations Centers that enables collaborative incident response, workflow automation, and compliance reporting throughout the cybersecurity incident response lifecycle.
A case management platform for Security Operations Centers that enables collaborative incident response, workflow automation, and compliance reporting throughout the cybersecurity incident response lifecycle.
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.
A runtime threat management and attack path enumeration tool for cloud-native environments
A runtime threat management and attack path enumeration tool for cloud-native environments
A collection of incident response methodologies for various security incidents, providing easy-to-use operational best practices.
A collection of incident response methodologies for various security incidents, providing easy-to-use operational best practices.
SCOT is a cybersecurity incident tracking and management platform that enables security operations centers to document, analyze, and coordinate responses to security events through collaborative workflows.
SCOT is a cybersecurity incident tracking and management platform that enables security operations centers to document, analyze, and coordinate responses to security events through collaborative workflows.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
GravityZone is a unified endpoint security and analytics platform that provides risk assessment, threat prevention, and incident response capabilities.
A powerful tool for analyzing and visualizing system activity timelines.
A powerful tool for analyzing and visualizing system activity timelines.
Incident response and case management solution for efficient incident response and management.
Incident response and case management solution for efficient incident response and management.
Web-based tool for incident response with easy local installation using Docker.
Web-based tool for incident response with easy local installation using Docker.
Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
FIR is a Python-based cybersecurity incident management platform designed for CSIRTs, CERTs, and SOCs to create, track, and report security incidents.
FIR is a Python-based cybersecurity incident management platform designed for CSIRTs, CERTs, and SOCs to create, track, and report security incidents.
eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.
eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.
A community-led project focused on standardizing security event logs.
A community-led project focused on standardizing security event logs.
Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.
Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.
A structured approach to managing and responding to suspected security events or incidents.
A structured approach to managing and responding to suspected security events or incidents.
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
A tool collection for filtering and visualizing logon events, designed for experienced DFIR specialists in threat hunting and incident response.
A framework for accumulating, describing, and classifying actionable Incident Response techniques
A framework for accumulating, describing, and classifying actionable Incident Response techniques
Template-based incident response runbooks for AWS environments following NIST guidelines to help organizations handle common cloud security incidents.
Template-based incident response runbooks for AWS environments following NIST guidelines to help organizations handle common cloud security incidents.