INCIDENTS
INCIDENTS is a web-based tool for incident response, similar to TheHive, designed for investigating various security incidents such as malware infections, phishing campaigns, insider abuse, application vulnerabilities, and denial-of-service attempts. It is suitable for SOC, MSSP, incident response firms, or internal detection/response teams. The tool can be easily installed locally using Docker and Docker Compose, with initial user account provisioning and login credentials provided upon installation. Note that email sending isn't configured in the local setup, so 'Forgot my password' feature won't work. Avoid using this setup in a production environment.
FEATURES
SIMILAR TOOLS
Detect signed malware and track stolen code-signing certificates using osquery.
Scumblr is a web application for periodic syncs of data sources and security analysis to streamline proactive security.
A collection of structured incident response playbook battle cards that provide prescriptive countermeasures and procedures for combating cyber threats and attacks during security incidents.
Reveelium UEBA is a French-developed User and Entity Behavior Analytics solution that uses artificial intelligence to detect abnormal behaviors and security threats by analyzing user and entity activities within an organization's network.
Network Intelligence is a cybersecurity services provider offering comprehensive security solutions through their ADVISE framework, including detection and response, compliance, data privacy, and secure digital transformation services across multiple industries.
A centralized management console for efficiently operating and monitoring large-scale, multitenant Logpoint SIEM deployments across customers, geographies, and organizational divisions.
A multi-platform open source tool for triaging suspect systems and hunting for Indicators of Compromise (IOCs) across thousands of endpoints.
An investigative analytics platform that uses machine learning to fuse and analyze data from multiple sources, enabling security organizations to extract insights and identify patterns for threat prevention and complex investigations.
Shuffle is a platform for automating security workflows with confidence, offering templates, collaboration tools, and a large app library.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.