
Security Operations

Tools for security operations including incident response, threat hunting and SOC automation

Try these 133 AI Security Operations Tools

Catalyst (Free)
Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows, and is open source.

DFIRTrack (Free)
DFIRTrack is an open source web application focused on incident response for handling major incidents with many affected systems, tracking system status, tasks, and artifacts.

Exabeam Security Operations Platform
Exabeam Security Operations Platform is a cloud-native security platform that applies AI and automation to security operations workflows for threat detection, investigation, and response.

FastFinder (Free)

FastIntercept (Free)
A compilation of suggested tools for each component in a detection and response pipeline, with real-world examples, to design effective threat detection and response pipelines.

FIR (Fast Incident Response) (Free)
Incident response platform for automating alert handling and incident response procedures.

GDPatrol (Free)
A serverless Security Orchestration, Automation and Response (SOAR) framework for AWS GuardDuty with various supported actions.

GRR Rapid Response (Free)
Incident response framework focused on remote live forensics.

Hardentools (Free)
Automate security incident handling and facilitate real-time activities of incident handlers.

INCIDENTS (Free)
Malware allows attackers to execute Windows commands from a remote environment.

Incident Response Investigation System (IRIS) (Free)
Collection of scripts and resources for DevSecOps, security automation and automated incident response remediation.

InvalidSign (Free)
A comprehensive auditd configuration for Linux systems following best practices.

ir-rescue (Free)
A collection of Cyber Incident Response Playbook Battle Cards (PBC) for combating cyber threats and attacks, following a prescriptive approach inspired by CERT Societe Generale's IRM.

IRM-2022 (Free)
Incident response and digital forensics tool for transforming data sources and logs into graphs.

JIMI SOAR (Free)
Detect signed malware and track stolen code-signing certificates using osquery.

Kansa (Free)
A live response collection script for incident response that automates the collection of artifacts from various Unix-like operating systems.

LeakedIn.com (Free)

Living Security Human Risk Management Platform (Free)
A human risk management platform that identifies, assesses, and mitigates security risks associated with employee behavior through monitoring, targeted interventions, and comprehensive reporting.

Mature SIEM Environment for SOAR Implementation (Free)
A mature SIEM environment is critical for successful SOAR implementation.

Megatron (Free)
A project that uses Athena and EventBridge to investigate API activity and notify of actions for incident response and misconfiguration detection.

Microsoft Sentinel Security Playbooks (Free)

Morgue (Free)

NERC Alerts (Free)
Receive important notifications and updates related to North American electric grid security.

Network Intelligence (Free)
An automation platform with community support and documentation for easy development.

npm Blog Archive: Plot to steal cryptocurrency foiled by the npm security team (Free)

Shuffle
Shuffle is a platform for automating security workflows with confidence, offering templates, collaboration tools, and a large app library.
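The GDPatrol entry above describes a serverless SOAR for AWS GuardDuty that maps findings to response actions. The following is an added example of that pattern, written for this page and not taken from GDPatrol or any other listed project: a Lambda-style handler that takes a GuardDuty finding as delivered through an EventBridge event, applies a severity threshold, picks an action by finding-type prefix, and extracts the resource to act on. The action names, the threshold value and the sample event are assumptions for illustration; a real deployment would call the EC2, IAM or S3 APIs where this code only returns the plan.

```python
"""Constructed example: route an AWS GuardDuty finding (EventBridge envelope)
to a remediation action. Not GDPatrol's code; action names, the severity
threshold and the sample event are assumptions for illustration."""
import json

# Assumption: only findings at GuardDuty severity 4.0 ("Medium") or above
# trigger automation; lower ones are left for a human.
SEVERITY_THRESHOLD = 4.0

# Finding-type prefix -> hypothetical action name. GuardDuty types follow
# ThreatPurpose:ResourceTypeAffected/ThreatFamilyName, so a prefix match on
# the part before the slash groups related findings under one action.
ACTIONS = {
    "UnauthorizedAccess:EC2": "isolate_instance",
    "Recon:EC2": "isolate_instance",
    "CryptoCurrency:EC2": "isolate_instance",
    "UnauthorizedAccess:IAMUser": "disable_access_key",
    "Persistence:IAMUser": "disable_access_key",
    "Discovery:S3": "block_public_access",
}


def pick_action(finding_type):
    """Longest matching prefix wins; None when no action is configured."""
    best = None
    for prefix, action in ACTIONS.items():
        if finding_type.startswith(prefix) and (best is None or len(prefix) > len(best[0])):
            best = (prefix, action)
    return best[1] if best else None


def target_from(resource):
    """Pull the identifier to act on out of the finding's resource block.

    Key names follow the camelCase layout GuardDuty uses in EventBridge events.
    """
    rtype = resource.get("resourceType")
    if rtype == "Instance":
        return resource["instanceDetails"]["instanceId"]
    if rtype == "AccessKey":
        return resource["accessKeyDetails"]["accessKeyId"]
    if rtype == "S3Bucket":
        return resource["s3BucketDetails"][0]["name"]
    return None


def plan_response(event):
    """Return a plan {'action', 'target', 'finding_id'} or a 'skipped' reason."""
    if event.get("source") != "aws.guardduty" or event.get("detail-type") != "GuardDuty Finding":
        return {"skipped": "not a GuardDuty finding"}
    finding = event["detail"]
    if finding.get("severity", 0) < SEVERITY_THRESHOLD:
        return {"skipped": "below severity threshold", "finding_id": finding.get("id")}
    action = pick_action(finding["type"])
    if action is None:
        return {"skipped": "no action configured", "finding_id": finding["id"]}
    target = target_from(finding.get("resource", {}))
    if target is None:
        return {"skipped": "resource not identifiable", "finding_id": finding["id"]}
    return {"action": action, "target": target, "finding_id": finding["id"]}


def lambda_handler(event, context=None):
    """Lambda entry point; a real SOAR would execute the plan with boto3 here."""
    return plan_response(event)


# Constructed sample event (placeholder IDs, not a real finding).
SAMPLE_EVENT = {
    "source": "aws.guardduty",
    "detail-type": "GuardDuty Finding",
    "detail": {
        "id": "00000000000000000000000000000000",
        "type": "UnauthorizedAccess:EC2/SSHBruteForce",
        "severity": 5.0,
        "resource": {
            "resourceType": "Instance",
            "instanceDetails": {"instanceId": "i-0123456789abcdef0"},
        },
    },
}

if __name__ == "__main__":
    print(json.dumps(lambda_handler(SAMPLE_EVENT), indent=2))
```

The prefix table is the piece that needs care in practice: an unmatched type is skipped rather than guessed, and an unrecognised resource block is skipped too, so a new GuardDuty finding type never triggers the wrong remediation by accident.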