INCIDENTS

Free

INCIDENTS is a web-based tool for incident response, similar to TheHive, designed for investigating security incidents such as malware infections, phishing campaigns, insider abuse, application vulnerabilities, and denial-of-service attempts. It is suitable for SOCs, MSSPs, incident response firms, and internal detection/response teams. The tool can be installed locally using Docker and Docker Compose; installation provisions an initial user account and provides its login credentials. Email sending is not configured in the local setup, so the 'Forgot my password' feature won't work. Avoid using this setup in a production environment.

ALTERNATIVES

A comprehensive auditd configuration for Linux systems following best practices.

Todyl is a modular cybersecurity platform that consolidates SASE, SIEM, EDR/NGAV, MXDR, and GRC capabilities into a single-agent solution with centralized management.

Sample security playbooks for security automation, orchestration and response (SOAR) using Microsoft Sentinel trigger

Tool to bypass endpoint solutions blocking known 'malicious' signed applications by obtaining valid signed files with different hashes.

Open-source abuse management toolkit for automating and improving the abuse handling process.

A mature SIEM environment is critical for successful SOAR implementation.

CimSweep is a suite of CIM/WMI-based tools for incident response and hunting operations on Windows systems without the need to deploy an agent.

Dispatch helps manage security incidents by integrating with existing tools and automating incident response tasks.
