COPS - Collaborative Open Playbook Standard

Free
This repository contains schema definitions for a YAML-based DFIR (Digital Forensics and Incident Response) playbook, providing written guidance for identifying, containing, eradicating, and recovering from cyber security incidents. The spec promises an open, semi- or fully automated, and visible incident response process, allowing analysts to create, share, and contribute in the same language.

ALTERNATIVES

A mature SIEM environment is critical for successful SOAR implementation.

Fast suspicious file finder for threat hunting and live forensics.

A public incident response process documentation used at PagerDuty.

A modular incident response framework in PowerShell that uses PowerShell Remoting to collect data for incident response and breach hunts.

Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.

AIL Framework is a modular system for analyzing and detecting information leaks from unstructured data sources, with capabilities for data extraction, correlation, and integration with threat intelligence platforms.

An open-source SOAR tool for automating threat and incident response workflows using CACAO security playbooks.

An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.