IRIS is a collaborative web platform designed to help incident responders share technical details during investigations. It consists of two main parts: IrisWeb, the core web application that manages the interface and database, and IrisModules, extensions that allow third parties to process data (e.g., enrich IOCs with MISP and VT, upload EVTX into Splunk). IRIS can function without modules, but default ones are preinstalled, and additional modules can be configured in the UI under Manage > Modules. The system is shipped in Docker containers for easy installation and upgrades using Docker Compose.
Migrated Splunk SOAR Connectors to new GitHub organization for better organization and management.
A framework for improving detection strategies and alert efficacy.
A set of scripts for collecting forensic data from Windows and Unix systems respecting the order of volatility.
An open-source SOAR tool for automating threat and incident response workflows using CACAO security playbooks.
Incident Response Documentation tool for tracking findings and tasks.
Wazuh is an open-source security platform offering unified XDR and SIEM protection for endpoints and cloud workloads, integrating various security functions into a single architecture.
PowerGRR is a PowerShell module for the GRR API, allowing automation and scripting for incident response and remote live forensics.
A collection of AWS security architectures for various security operations.
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.