Incident Response & Forensics
Solutions for responding to and investigating security incidents.

AWS Security Incident Response
AWS Security Incident Response automates the monitoring and investigation of security findings, streamlining communication and coordination for security management.

Tracee
A runtime security and forensics tool for Linux environments leveraging eBPF technology.

Respond IR
An incident response tool that automates the incident response process using machine learning and expert-defined rules.

Velociraptor
A powerful tool for endpoint visibility and incident response, leveraging the Velociraptor Query Language (VQL) for customizable data collection.

ServiceNow Security Operations
ServiceNow Security Operations (SecOps) integrates and manages security tools and processes within an enterprise environment, enhancing cybersecurity posture and operational efficiency.

Dispatch
Dispatch is an open-source incident management tool that automates tasks such as timelines, documentation, and communication during incidents.

Timesketch
A tool for collaborative forensic timeline analysis.

GRR Rapid Response
Remote live forensics for incident response.

PagerDuty Incident Response Documentation
PagerDuty's Incident Response Documentation for managing and responding to major incidents.

AWS Incident Response Playbooks
A structured framework for incident response in AWS environments, leveraging native AWS services for log collection, threat detection, and incident management.

TheHive
A scalable, open-source security incident response platform that integrates case management, task assignment, and collaboration tools.

dfTimewolf
A framework for orchestrating forensic collection, processing and data export.