Cyber Triage is an automated Digital Forensics and Incident Response (DFIR) software that enables cybersecurity professionals to quickly investigate intrusions related to malware, ransomware, and account takeover. It provides a comprehensive solution for conducting rapid incident response, with features such as artifact scoring, advanced analytics, and a recommendation engine. Cyber Triage is designed to work in various scenarios, including on-premise servers, cloud, and laptops, and is trusted by global organizations committed to security. The software allows responders to quickly answer intrusion questions, such as "What did the attacker do?" and "How did they get in?". It provides a flexible deployment model, with the ability to collect data using an agentless collection tool, analyze artifacts, and respond to incidents. Cyber Triage is built by Sleuth Kit Labs, a spinout of BasisTech, and is designed to make digital forensics easier and more effective for first responders.
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.
A Serverless Security Orchestration Automation and Response (SOAR) Framework for AWS GuardDuty with various supported actions.
A Sysmon configuration file template with detailed explanations and tutorial-like features.
A defense-in-depth security automation and monitoring framework utilizing threat intelligence, machine learning, and serverless technologies.
A collection of Cyber Incident Response Playbook Battle Cards (PBC) for combating cyber threats and attacks, following a prescriptive approach inspired by CERT Societe Generale's IRM.
Sample security playbooks for security automation, orchestration and response (SOAR) using Microsoft Sentinel trigger
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.