Tracecat
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
A Microsoft Sysinternals Sysmon configuration file template with default high-quality event tracing, serving as a great starting point for system change monitoring. This file, with detailed comments and explanations, also acts as a tutorial for Sysmon and a guide to critical monitoring areas in Windows systems.
A proof of concept for using the SSM Agent in Fargate for incident response.
A collaborative and open-source incident response platform for sharing observables among analysts.
Sample security playbooks for security automation, orchestration and response (SOAR) using Microsoft Sentinel triggers.
Catalyst is an open-source SOAR system that automates alert handling and incident response processes and adapts to your workflows.
A robust and flexible hunt and incident response tool for investigating AzureAD, Azure, and M365 environments.