A Microsoft Sysinternals Sysmon configuration file template with default high-quality event tracing, serving as a great starting point for system change monitoring. This file, with detailed comments and explanations, also acts as a tutorial for Sysmon and a guide to critical monitoring areas in Windows systems.
SIMILAR TOOLS
Catalyst is an open-source SOAR system that automates alert handling and incident response processes and adapts to your workflows.
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.
Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.
An open-source SOAR tool for automating threat and incident response workflows using CACAO security playbooks.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Automatically configure your app to follow OWASP security patterns and principles with the Nuxt Security module.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.