COPS - Collaborative Open Playbook Standard

Free

This repository contains YAML-based schema definitions for a DFIR (Digital Forensics and Incident Response) playbook, providing written guidance for identifying, containing, eradicating, and recovering from cyber security incidents. The spec promises an open, semi- or fully automated, and visible incident response process, allowing analysts to create, share, and contribute in the same language.

ALTERNATIVES

A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.

Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.

An AI-powered SOC automation platform that performs autonomous alert triage, investigation, and incident response while augmenting human analyst capabilities.

A framework for accumulating, describing, and classifying actionable Incident Response techniques.

A Sysmon configuration file template with detailed explanations and tutorial-like features.

Incident response platform for automating alert handling and incident response procedures.

Automated tool for scripting complex sequences in cybersecurity frameworks.

jimi is an orchestration automation tool for multi-team collaboration and automation in IT/Security operations, Development, and CI/CD pipelines.