
Security Operations

Tools for security operations including incident response, threat hunting and SOC automation

Try these 133 AI Security Operations Tools

CIRTKit
Free

An open-source DFIR console that integrates various forensic and incident response tools and frameworks under one interface for efficient investigations.

Clinv
Free

An open-source command-line asset inventory tool for DevSecOps teams, used to track infrastructure resources together with the services, people and projects that depend on them.

COPS - Collaborative Open Playbook Standard
Free

An open, YAML-based standard for describing incident response playbooks so that they can be shared between security teams and consumed by orchestration tools.

Cortex XSOAR Platform - Content Repository
Free

The open-source repository of integrations, playbooks, automation scripts and other content packs for the Cortex XSOAR platform.

CORTEX XSOAR
Free

Palo Alto Networks' security orchestration, automation and response (SOAR) platform that combines case management, playbook-driven automation, threat intelligence management and real-time collaboration for SOC teams.

Crowdstrike Charlotte AI
Free

CrowdStrike's generative AI security analyst, built into the Falcon platform, that lets analysts query and investigate telemetry in natural language to speed up triage and response.

CrowdStrike Falcon Orchestrator
Free

An open-source, extendable Windows-based application from CrowdStrike that provides workflow automation, case management and security response functionality on top of the Falcon platform.

Custom Activities Repository
Free

A custom activity repository for the Ayehu NG automation platform, allowing users to create and modify activities to fit their specific needs.

Cyber Incident Response Playbook Battle Cards
Free

A set of condensed incident response playbooks ("battle cards") giving step-by-step guidance for handling common incident types.

Cyber Triage
Free

Automated Digital Forensics and Incident Response (DFIR) software for rapid incident response and intrusion investigations.

CyberCPR
Free

A secure incident response and case management platform for coordinating investigations, evidence handling and team communication during an incident.

Darktrace
Free

An AI-driven threat detection and response platform that learns the normal behaviour of a network, cloud or email environment and flags, and can autonomously respond to, deviations from it.

Datadog
Free

A cloud monitoring and security platform whose Cloud SIEM and cloud security products detect threats and misconfigurations from logs, traces and infrastructure telemetry.

Detecting Lateral Movement through Tracking Event Logs (Version 2)
Free

A JPCERT/CC research report cataloguing the Windows event log entries (and the audit settings needed to produce them) left behind by common lateral movement tools and techniques, and how to use them in investigations.
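The report above is a reference document, not code. As an added example that is not part of this page or of the JPCERT/CC report, the following Python correlates constructed Windows event records to flag the PsExec-style remote execution footprint the report's event list covers: a network logon (Security 4624, LogonType 3) followed within a few minutes by a service installation (System 7045) under the same account on the same host, with 4672 used to mark whether that logon carried special privileges. The event records, host names, accounts, IP addresses and the five-minute window are constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed sample Windows Security/System event records (not real logs),
# reduced to the fields the detection needs. Event IDs follow the Windows
# auditing conventions: 4624 = successful logon (LogonType 3 = network),
# 4672 = special privileges assigned to new logon, 5140 = network share
# object accessed, 7045 = a service was installed in the system.
SAMPLE_EVENTS = [
    # Ordinary file-share access: network logon, share opened, nothing else.
    {"time": "2024-05-01T09:00:02", "host": "FILESRV01", "id": 4624,
     "logon_type": 3, "account": "alice", "src_ip": "10.0.0.21"},
    {"time": "2024-05-01T09:00:05", "host": "FILESRV01", "id": 5140,
     "account": "alice", "src_ip": "10.0.0.21", "share": "\\\\*\\Finance"},
    # Remote execution footprint: network logon, admin rights, service install.
    {"time": "2024-05-01T11:15:40", "host": "WKS-042", "id": 4624,
     "logon_type": 3, "account": "svc_backup", "src_ip": "10.0.0.77"},
    {"time": "2024-05-01T11:15:41", "host": "WKS-042", "id": 4672,
     "account": "svc_backup"},
    {"time": "2024-05-01T11:16:03", "host": "WKS-042", "id": 7045,
     "account": "svc_backup", "service": "PSEXESVC",
     "image": "%SystemRoot%\\PSEXESVC.exe"},
    # Interactive console logon (LogonType 2): not a lateral-movement candidate.
    {"time": "2024-05-01T11:45:00", "host": "WKS-042", "id": 4624,
     "logon_type": 2, "account": "bob", "src_ip": "-"},
    # Service install with no preceding network logon for that account: skipped.
    {"time": "2024-05-01T15:00:00", "host": "WKS-042", "id": 7045,
     "account": "SYSTEM", "service": "WinDefend",
     "image": "C:\\Program Files\\Windows Defender\\MsMpEng.exe"},
]

WINDOW = timedelta(minutes=5)  # constructed correlation window


def find_remote_service_installs(events, window=WINDOW):
    """Flag hosts where a network logon (4624, LogonType 3) is followed within
    `window` by a service installation (7045) under the same account.
    A 4672 for the same host/account in between marks the logon as privileged.
    Returns one finding dict per matching 7045 event."""
    recent_logons = {}   # (host, account) -> {"time", "src_ip", "privileged"}
    findings = []
    # ISO-8601 timestamps of identical format sort correctly as strings.
    for e in sorted(events, key=lambda ev: ev["time"]):
        t = datetime.fromisoformat(e["time"])
        key = (e["host"], e["account"])
        if e["id"] == 4624 and e.get("logon_type") == 3:
            recent_logons[key] = {"time": t, "src_ip": e["src_ip"],
                                  "privileged": False}
        elif e["id"] == 4672 and key in recent_logons:
            recent_logons[key]["privileged"] = True
        elif e["id"] == 7045 and key in recent_logons:
            logon = recent_logons[key]
            if t - logon["time"] <= window:
                findings.append({
                    "host": e["host"],
                    "account": e["account"],
                    "src_ip": logon["src_ip"],
                    "privileged": logon["privileged"],
                    "service": e["service"],
                    "image": e["image"],
                    "seconds_after_logon": int((t - logon["time"]).total_seconds()),
                })
    return findings


if __name__ == "__main__":
    for finding in find_remote_service_installs(SAMPLE_EVENTS):
        print(finding)
```

On the constructed input the only finding is the svc_backup logon from 10.0.0.77 to WKS-042 followed 23 seconds later by the PSEXESVC install; the plain share access and the SYSTEM-owned service install are not reported. In production the same correlation would run over events exported from the Security and System channels, and the service name and image path in the finding are what an analyst checks first, since renamed PsExec clones change the service name but still leave the 4624/7045 pairing.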

Detection and Response Pipeline
Free

A curated compilation of suggested tools and services for each component of a detection and response pipeline, with real-world examples.

DevOcean
Free

A remediation orchestration platform that consolidates security alerts, automates triage, and streamlines the remediation process across hybrid environments.

DFIRTrack
Free

An open-source web application for tracking incident response work, affected systems and artifacts across a large number of hosts during an incident.

Dispatch
Free

Netflix's open-source incident management framework that orchestrates response by automatically creating the resources an incident needs (chat channels, tickets, documents, conference bridges) and engaging the right people.

Dropzone AI
Free

An AI SOC analyst that autonomously investigates security alerts end to end and produces analyst-style reports to reduce triage workload.

Enterprise Detection & Response: A Simple Hunting Maturity Model
Free

David J. Bianco's blog post defining a five-level Hunting Maturity Model (HM0 to HM4) for assessing and growing an organisation's threat hunting capability.

Exabeam Security Operations Platform
Free

A SIEM and user and entity behavior analytics (UEBA) platform for log management, behaviour-based detection, investigation timelines and automated response.

Fargate IR Proof of Concept
Free

A proof-of-concept project for running incident response tooling against workloads on AWS Fargate.