A Microsoft Sysinternals Sysmon configuration file template with default high-quality event tracing, serving as a great starting point for system change monitoring. This file, with detailed comments and explanations, also acts as a tutorial for Sysmon and a guide to critical monitoring areas in Windows systems.
SIMILAR TOOLS
Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.
Fast Intercept is a security automation platform that empowers users to maximize their existing security products and automate routine tasks.
A community repository of workflow templates for the Ayehu NG platform that enables automated IT and business process execution.
Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
JIMI is a flow-based orchestration automation platform that combines low-code and no-code capabilities for multi-team collaboration across IT, security, and development operations.
Automated Digital Forensics and Incident Response (DFIR) software for rapid incident response and intrusion investigations.
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.