A web collaborative platform for incident responders to share technical details during investigations, shipped in Docker containers for easy installation and upgrades.
TheHive is a collaborative and open-source incident response platform that allows for the sharing of observables among analysts and automated response actions.
Repository of templates for Ayehu's workflows with the ability to design, execute, and automate IT and business processes.
A framework for improving detection strategies and alert efficacy.
A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.
A set of scripts for collecting forensic data from Windows and Unix systems respecting the order of volatility.
A standardized framework for describing and classifying cybersecurity incidents.