CrowdStrike Falcon Orchestrator is a Windows-based application for workflow automation and security response.
This repository provides a public version of the Alerting and Detection Strategy (ADS) framework used by the Incident Response Team at Palantir, offering building blocks for organizations to enhance their detection strategies and improve alert efficacy. The framework aims to address challenges related to the development, implementation, and documentation of alerts, ultimately increasing operational costs for attackers.
Public documentation of the incident response process used at PagerDuty.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
DFIRTrack is an open source web application focused on incident response for handling major incidents with many affected systems, tracking system status, tasks, and artifacts.
Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
A collection of AWS security architectures for various security operations.