System Two Security
System Two Security is a SOC automation platform that utilizes generative AI for threat hunting and analysis. The platform operates through three main components: 1. Threat Research: Consolidates and unifies Cyber Threat Intelligence (CTI) reports into a centralized repository. 2. Threat Analysis: Creates customized attack patterns and generates hunt packages specific to an organization's attack surface. 3. Iterative Threat Hunting: Implements automated threat hunting processes based on generated hunt packages, producing detailed hunt reports with threat identification and mitigation plans. The system processes raw cyber threat advisories and automates the threat detection and containment workflow, designed for use by MSSPs and enterprise SOCs.
FEATURES
SIMILAR TOOLS
A PHP based web application for managing postmortems with pluggable features.
A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.
WALKOFF is an automation framework for integrating capabilities and devices to streamline tasks.
An enterprise cybersecurity platform that unifies endpoint, cloud, and identity security through an integrated data lake architecture with AI-powered analysis capabilities.
Reveelium UEBA is a French-developed User and Entity Behavior Analytics solution that uses artificial intelligence to detect abnormal behaviors and security threats by analyzing user and entity activities within an organization's network.
AWS Community repository of custom Config rules with instructions for leveraging and developing AWS Config Rules.
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.
A System for Abuse- and Incident Handling with log file analysis capabilities.
Open-source, free, and scalable cyber threat intelligence and security incident response solution with improved performance and new features.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.