A simple maturity model for enterprise detection and response
Receive many types of events for all regions using EventBridge. Detect private info(PII, etc.) on EC2 instances for all regions using Macie, SSM, etc. Set EC2 instance profile automatically. Delete resources for unused or no tags, etc using lambda function. Create RolesAnywhere using custom private certificate. Create security-group-rules-checker for checking security group rules.
A simple maturity model for enterprise detection and response
Datadog offers a comprehensive suite of cybersecurity tools for various aspects of application and infrastructure monitoring.
Detailed analysis of the event-stream incident and actions taken by npm Security.
A public incident response process documentation used at PagerDuty
A DevSecOps command line asset inventory tool
Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.