The VERIS Framework is a standardized framework for describing and classifying cybersecurity incidents. It provides a structured approach to incident response and incident reporting, enabling organizations to better understand and manage cybersecurity incidents. The framework is designed to be flexible and adaptable to different types of incidents, and can be used by organizations of all sizes and industries. VERIS is widely recognized as a standard for incident response and is used by many organizations around the world.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
An open-source, drag-and-drop security workflow builder with integrated case management for automating security workflows and tackling alert fatigue.
IRIS-SOAR is a Python-based modular SOAR platform that automates security incident response workflows and integrates with DFIR-IRIS for enhanced digital forensics operations.
Open-source security automation platform for automating security alerts and building AI-assisted workflows.
JIMI is a flow-based orchestration automation platform that combines low-code and no-code capabilities for multi-team collaboration across IT, security, and development operations.
A community repository of workflow templates for the Ayehu NG platform that enables automated IT and business process execution.
RedEye is a visual analytic tool that provides enhanced situational awareness and operational insights for both Red and Blue Team cybersecurity operations.
Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.
Shuffle Automation provides an open-source platform for security orchestration, automation, and response.
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.