
RE&CT Framework

Free

A framework — knowledge base of actionable Incident Response techniques
A community-driven collection of Security Incident Response Playbooks
A data source of the Atomic Threat Coverage framework

The RE&CT Framework is designed for accumulating, describing and classifying actionable Incident Response techniques. RE&CT's philosophy is based on MITRE's ATT&CK framework. The columns represent Response Stages. The cells represent Response Actions. (Image generated by RE&CT Navigator)

The main use cases:
Prioritization of Incident Response capabilities development, including skills development, technical measures acquisition/deployment, internal procedures development, etc.
Gap analysis — determine "coverage" of existing Incident Response capabilities

The main resources:
RE&CT Navigator (modified ATT&CK Navigator) for visualization and observing the big picture
Automatically generated RE&CT website is the best place for getting details about existing analytics
Automatically generated Atlassian Confluence knowledge base - exporting functionality demonstration

Actionable Analytics

The ATC RE&CT project is

ALTERNATIVES

Fast suspicious file finder for threat hunting and live forensics.

Web-based tool for incident response with easy local installation using Docker.

A proof of concept for using the SSM Agent in Fargate for incident response

Tool to disable vulnerable features in Windows and popular applications for enhanced security.

A collection of incident response methodologies for various security incidents, providing easy-to-use operational best practices.

Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.

An AI-powered platform that automates threat hunting and analysis by processing cyber threat intelligence and generating customized hunt packages for SOC teams.

PacBot is a platform for continuous compliance monitoring, compliance reporting, and security automation for the cloud, with a plugin-based data ingestion architecture.
