Tracecat
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
This repository contains schema definitions for a YAML-based DFIR (Digital Forensics and Incident Response) Playbook, providing written guidance for identifying, containing, eradicating, and recovering from cyber security incidents. The spec promises an open, semi- or fully automated, and visible incident response process, allowing analysts to create, share, and contribute in the same language.
PowerGRR is a PowerShell module for the GRR API, allowing automation and scripting for incident response and remote live forensics.
CimSweep is a suite of CIM/WMI-based tools for incident response and hunting operations on Windows systems without the need to deploy an agent.
Metadata repository with installation tools and cloud provider support.
An automation platform with community support and documentation for easy development.
Catalyst is an open-source SOAR system that automates alert handling and incident response processes and adapts to your workflows.