Security Operations
Explore 33 curated tools and resources
LATEST ADDITIONS
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
AIL Framework is a modular system for analyzing and detecting information leaks from unstructured data sources, with capabilities for data extraction, correlation, and integration with threat intelligence platforms.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Zania is an AI-driven platform that automates security and compliance tasks using autonomous agents for security inquiries, compliance assessments, and privacy regulation adherence.
CBRX is a cloud-based platform that automates incident analysis and reporting for cybersecurity teams.
Dropzone AI is an autonomous AI agent for SOCs that performs end-to-end investigations of security alerts, integrating with existing cybersecurity tools and data sources.
LogRhythm SIEM is a comprehensive security information and event management platform that collects, analyzes, and responds to security events across an organization's IT infrastructure.
Exabeam Security Operations Platform is a cloud-native security platform that applies AI and automation to security operations workflows for threat detection, investigation, and response.
Anomali is an AI-Powered Security Operations Platform that delivers speed, scale, and performance at a reduced cost, combining ETL, SIEM, XDR, SOAR, and TIP to detect, investigate, respond, and remediate threats.
ISO2HANDLE is a powerful software that provides a total solution for Q&R professionals, trusted by over 50,000 users and 750+ organizations worldwide.
CrowdStrike Charlotte AI is a conversational AI assistant that accelerates security operations by automating tasks and providing faster intelligence through generative AI capabilities.
FortiAI is an AI assistant that uses generative AI combined with Fortinet's security expertise to guide analysts through threat investigation, response automation, and complex SecOps workflows.
Infinity Platform / Infinity AI is an AI-powered threat intelligence and generative AI service that combines AI-powered threat intelligence with generative AI capabilities for comprehensive threat prevention, automated threat response, and efficient security administration.
Microsoft Defender for Endpoint is a comprehensive endpoint security solution that provides industry-leading, multi-platform detection and response capabilities.
A general cybersecurity news site providing discussions and news on various cybersecurity topics.
Automate security incident handling and facilitate real-time activities of incident handlers.
Adversary emulation framework for testing security measures in network environments.
An informational repo about hunting for adversaries in your IT environment.
FortiEDR is an automated endpoint security solution that integrates with the Fortinet Security Fabric and third-party solutions to reduce MTTR and provide real-time breach detection and response.
Sample detection rules and dashboards for Google Security Operations
Symantec Enterprise Cloud provides comprehensive cybersecurity for large enterprises, with a focus on data-centric hybrid security and innovation in threat and data protection.
Daily feed of bad IPs with blacklist hit scores for cybersecurity professionals to stay informed about malicious IP addresses.
A framework for improving detection strategies and alert efficacy.
Free online ethical hacking course covering penetration testing, web app assessments, exploit development, and security operations.
A simple maturity model for enterprise detection and response
Unified defense platform providing endpoint protection, extended detection and response, threat hunting, and digital forensics and incident response.
Repository of playbooks, scripts, and templates for automating and orchestrating Security Operations.
Unified repository for Microsoft Sentinel and Microsoft 365 Defender containing security content, detections, queries, playbooks, and resources to secure environments and hunt for threats.
A single cybersecurity platform that provides holistic security management, prevention, detection, and response capabilities powered by AI and threat intelligence, designed to simplify and converge security operations in diverse hybrid IT environments.
Open source security data lake for AWS with real-time log normalization and Detection-as-Code capabilities.
Open Source Threat Intelligence Gathering and Processing Framework
A collection of detections for Panther SIEM with detailed setup instructions.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Commercial
Vulnerability Management
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security