IRM-2022 Logo

IRM-2022

0
Free
Visit Website

IRM-2022 (Incident Response Methodologies 2022) CERT Societe Generale with the collaboration of CERT aDvens provides easy to use operational incident best practices. These cheat sheets are dedicated to incident handling and cover multiple fields in which a CERT team can be involved. One IRM exists for each security incident we're used to dealing with. CERT Societe Generale would like to thank SANS and Lenny Zeltser who have been a major source of inspiration for some IRMs. We also would like to thank CERT aDvens for the collaborative work and the French translation. Feel free to contact us if you identify a bug or an error in these IRMs. This work is licensed under a Creative Commons Attribution 3.0 Unported License.

FEATURES

ALTERNATIVES

A DFIR console integrating various cybersecurity tools and frameworks for efficient incident response.

Templates for incident response run-books tailored for AWS environments based on NIST guidelines.

PowerGRR is a PowerShell module for the GRR API, allowing automation and scripting for incident response and remote live forensics.

A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.

A PHP based web application for managing postmortems with pluggable features.

Incident Response Documentation tool for tracking findings and tasks.

A Sysmon configuration file template with detailed explanations and tutorial-like features.

Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.