The Splunk SOAR Community Playbooks repository contains the default initial playbooks and custom functions for each Splunk SOAR instance. Content migration to Splunk's GitHub is in progress, and external submissions are paused until the migration is complete so that content is not interrupted for Splunk SOAR customers. The platform automatically links to the branch matching the running Splunk SOAR version.
SIMILAR TOOLS
jimi is an orchestration automation tool for multi-team collaboration and automation in IT/Security operations, Development, and CI/CD pipelines.
Catalyst is an open-source SOAR system that automates alert handling and incident response processes and adapts to your workflows.
Modular SOAR implementation in Python for security orchestration, automation, and response.
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to help design effective threat detection and response pipelines.
Repository of templates for Ayehu's workflows with the ability to design, execute, and automate IT and business processes.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.