This repository contains schema definitions for a DFIR (Digital Forensics and Incident Response) Playbook based on YAML, providing written guidance for identifying, containing, eradicating, and recovering from cyber security incidents. The spec promises an open, semi- or fully automated, and visible incident response process, allowing analysts to create, share, and contribute in the same language.
TheHive is a case management platform for security operations teams that facilitates incident response, threat analysis, and team collaboration.
An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.
A project that uses Athena and EventBridge to investigate API activity and notify of actions for incident response and misconfiguration detection.
jimi is an orchestration automation tool for multi-team collaboration and automation in IT/Security operations, Development, and CI/CD pipelines.
Automate security incident handling and facilitate real-time activities of incident handlers.
Open-source abuse management toolkit for automating and improving the abuse handling process.
Templates for incident response run-books tailored for AWS environments based on NIST guidelines.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
An AI-driven data classification and governance platform that automatically discovers, analyzes, and labels sensitive information while providing risk management and compliance capabilities.
Aikido is an all-in-one security platform that combines multiple security scanning and management functions for cloud-native applications and infrastructure.
Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, development, and DevOps teams to work together in a self-service model, detecting and preventing cloud security threats in real time.
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.