security-operations

23 tools and resources

CrowdStrike Charlotte AI is a conversational AI assistant that accelerates security operations by automating tasks and providing faster intelligence through generative AI capabilities.

FortiAI

FortiAI is an AI assistant that uses generative AI combined with Fortinet's security expertise to guide analysts through threat investigation, response automation, and complex SecOps workflows.

Infinity Platform / Infinity AI is an AI-powered threat intelligence and generative AI service that combines AI-powered threat intelligence with generative AI capabilities for comprehensive threat prevention, automated threat response, and efficient security administration.

Microsoft Defender for Endpoint is a comprehensive endpoint security solution that provides industry-leading, multi-platform detection and response capabilities.

A general cybersecurity news site providing discussions and news on various cybersecurity topics.

MozDef

Automate security incident handling and facilitate real-time activities of incident handlers.

Sliver

Adversary emulation framework for testing security measures in network environments.

An informational repo about hunting for adversaries in your IT environment.

FortiEDR is an automated endpoint security solution that integrates with the Fortinet Security Fabric and third-party solutions to reduce MTTR and provide real-time breach detection and response.

Sample detection rules and dashboards for Google Security Operations

Symantec Enterprise Cloud provides comprehensive cybersecurity for large enterprises, with a focus on data-centric hybrid security and innovation in threat and data protection.

IPsum

Daily feed of bad IPs with blacklist hit scores for cybersecurity professionals to stay informed about malicious IP addresses.

A framework for improving detection strategies and alert efficacy.

Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.

Unified defense platform providing endpoint protection, extended detection and response, threat hunting, and digital forensics and incident response.

Repository of playbooks, scripts, and templates for automating and orchestrating Security Operations.

Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.

A single cybersecurity platform that provides holistic security management, prevention, detection, and response capabilities powered by AI and threat intelligence, designed to simplify and converge security operations in diverse hybrid IT environments.

Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.

GOSINT

Open Source Threat Intelligence Gathering and Processing Framework

A collection of detections for Panther SIEM with detailed setup instructions.

Alterix

Converts Sigma and Yara rules to CRYPTTECH's SIEM query language.