SOARCA is an open-source Security Orchestration, Automation and Response (SOAR) tool that automates threat and incident response workflows using CACAO security playbooks. It supports standardized formats and technologies, including CACAOv2 and OpenC2, and allows for extensibility and customization. It can ingest, validate, and execute CACAOv2 security playbooks via a JSON API and has native capabilities for HTTP(S), SSH, and OpenC2 interfaces. It also has an MQTT interface for adding custom integrations. The tool is designed for research and innovation purposes, allowing SOC, CERT, and CTI professionals to experiment with playbook-driven security automation.
Catalyst is an open-source SOAR system that automates alert handling and incident response processes and adapts to your workflows.
A module-based AWS response tool for incident response in AWS environments.
Repository of default playbooks and custom functions for Splunk SOAR instances with content migration to Splunk's GitHub.
A framework for improving detection strategies and alert efficacy.
Incident response and case management solution for efficient incident response and management.
Enhances Windows OS security through system modifications and settings adjustments.