GDPatrol
A Serverless Security Orchestration Automation and Response (SOAR) Framework for AWS GuardDuty. The GDPatrol Lambda function receives the GuardDuty findings through the CloudWatch Event Rule and executes the appropriate actions to mitigate the threats according to their types and severity. Supported actions include blacklist_ip, whitelist_ip, block_domain, quarantine_instance, snapshot_instance, disable_account, disable_ec2_access, enable_ec2_access, disable_sg_access, enable_sg_access, and asg_detach_instance. The actions to be executed are configured in the config.json file.
FEATURES
ALTERNATIVES
PacBot is a platform for continuous compliance monitoring, compliance reporting, and security automation for the cloud, with a plugin-based data ingestion architecture.
Incident response and case management solution for efficient incident response and management.
A System for Abuse- and Incident Handling with log file analysis capabilities.
A collaborative and open-source incident response platform for sharing observables among analysts.
WALKOFF is an automation framework for integrating capabilities and devices to streamline tasks.
Migrated Splunk SOAR Connectors to new GitHub organization for better organization and management.
Repository of playbooks, scripts, and templates for automating and orchestrating Security Operations.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.