DFIRTrack
0
Free
DFIRTrack (Digital Forensics and Incident Response Tracking application) is an open source web application mainly based on Django using a PostgreSQL database back end. In contrast to other great incident response tools, which are mainly case-based and support the work of CERTs, SOCs etc. in their daily business, DFIRTrack is focused on handling one or more major incidents with a lot of affected systems as it is often observed in APT cases. It is meant to be used as a tool for dedicated incident response teams in large cases. So, of course, CERTs and SOCs may use DFIRTrack as well, but they may feel it will be more appropriate in special cases instead of every day work. In contrast to case-based applications, DFIRTrack rather works in a system-based fashion. It keeps track of the status of various systems and the tasks and forensic artifacts associated with them, keeping the analyst well-informed about the status and number of affected systems at any time during the investigation phase up to the remediation phase of the incident response process. The main entities for incident tracking are: systems, artifacts, tasks, cases, tags, notes, and report items. One focus is the fast and r
FEATURES
The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.
ALTERNATIVES
A mature SIEM environment is critical for successful SOAR implementation.
Dropzone AI is an autonomous AI agent for SOCs that performs end-to-end investigations of security alerts, integrating with existing cybersecurity tools and data sources.
Commercial
A collaborative and open-source incident response platform for sharing observables among analysts.
CBRX is a cloud-based platform that automates incident analysis and reporting for cybersecurity teams.
Commercial
A collection of incident response methodologies for various security incidents, providing easy-to-use operational best practices.
Automate security incident handling and facilitate real-time activities of incident handlers.
A Serverless Security Orchestration Automation and Response (SOAR) Framework for AWS GuardDuty with various supported actions.
Scalable, cost-effective application recovery to AWS.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Free
Security Operations
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Free
Blogs and News
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Commercial
Vulnerability Management
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.
Commercial
AI Security