The DFIR Report provides in-depth threat intelligence reports and services, including detection rules, mentoring and coaching programs, and case artifacts. The platform offers insights into real-world intrusions, malware analysis, and threat briefs, helping cybersecurity professionals stay up-to-date with the latest threats and tactics. The reports cover various topics, such as ransomware, phishing campaigns, and exploit analysis, with detailed key takeaways and technical analysis. The website also offers a range of services, including threat feeds, DFIR labs, and merchandise, making it a comprehensive resource for cybersecurity professionals.
SIMILAR TOOLS
CIFv3 is the next version of the Cyber Intelligence Framework, developed against Ubuntu16, encouraging users to transition from CIFv2.
Home for rules used by Elastic Security with code for unit testing, Kibana integration, and Red Team Automation.
A system for collecting, managing, and distributing security information on a large scale, developed by CERT Polska.
Acapulco is a Splunk application that automatically generates meta-events from hpfeeds channels and visualizes them using D3.js.
Open Source Intelligence solution for threat intelligence data enrichment and quick analysis of suspicious files or malware.
A threat intelligence and vulnerability monitoring platform that aggregates security alerts from trusted sources and provides customizable monitoring and notification capabilities.
A robust Python implementation of TAXII Services with a friendly pythonic API.
Utilize Jupyter Notebooks to enhance threat hunting capabilities by focusing on different threat categories or stages.