SOAR
A Security Orchestration, Automation and Response (SOAR) platform for incident response and threat hunting.
Malware for remote control (Remote Access Tool/Trojan – RAT) has a function to execute shell commands from a remote environment. Attackers who successfully install such malware on a Windows OS can therefore execute Windows commands remotely. This entry demonstrates how to mitigate the attack impact by revealing the Windows commands that attackers use on the intruded Windows OS, and by restricting the execution of those commands that are unnecessary for general users.
Repository of playbooks, scripts, and templates for automating and orchestrating Security Operations.
CrowdStrike Falcon Orchestrator is a Windows-based application for workflow automation and security response.
A collection of Cyber Incident Response Playbook Battle Cards (PBC) for combating cyber threats and attacks, following a prescriptive approach inspired by CERT Societe Generale's IRM.
PowerGRR is a PowerShell module for the GRR API, allowing automation and scripting for incident response and remote live forensics.
Automated tool for scripting complex sequences in cybersecurity frameworks.