RE&CT Framework
A framework — knowledge base of actionable Incident Response techniques A community-driven collection of Security Incident Response Playbooks A data source of the Atomic Threat Coverage framework The RE&CT Framework is designed for accumulating, describing and classification actionable Incident Response techniques. RE&CT's philosophy is based on the MITRE's ATT&CK framework. The columns represent Response Stages. The cells repsresent Response Actions. (Image generated by RE&CT Navigator) The main use cases: Prioritization of Incident Response capabilities development, including skills development, technical measures acquisition/deployment, internal procedures development, etc Gap analysis — determine "coverage" of existing Incident Response capabilities The main resources: RE&CT Navigator (modified ATT&CK Navigator) for visualization and observing the big picture Automatically generated RE&CT website is the best place for getting details about existing analytics Automatically generated Atlassian Confluence knowledge base - exporting functionality demonstration Actionable Analytics The ATC RE&CT project is
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.
AWS Community repository of custom Config rules with instructions for leveraging and developing AWS Config Rules.
Todyl is a modular cybersecurity platform that consolidates SASE, SIEM, EDR/NGAV, MXDR, and GRC capabilities into a single-agent solution with centralized management.
Detailed analysis of the event-stream incident and actions taken by npm Security.
A proof of concept for using the SSM Agent in Fargate for incident response
A remediation orchestration platform that consolidates security alerts, automates triage, and streamlines the remediation process across hybrid environments.
CBRX is a cloud-based platform that automates incident analysis and reporting for cybersecurity teams.
Receive important notifications and updates related to North American electric grid security.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.