Incident Response & Forensics
Solutions for responding to and investigating security incidents.
Tools
AWS Security Incident Response
AWS Security Incident Response automates the monitoring and investigation of security findings, streamlining communication and coordination for security management.
Timesketch
Collaborative forensic timeline analysis
Respond IR
An incident response tool that automates the incident response process using machine learning and expert-defined rules.
GRR Rapid Response
GRR Rapid Response: remote live forensics for incident response
ServiceNow Security Operations
ServiceNow Security Operations (SecOps) integrates and manages security tools and processes within an enterprise environment, enhancing cybersecurity posture and operational efficiency.
AWS Incident Response Playbooks
A structured framework for incident response in AWS environments, leveraging native AWS services for log collection, threat detection, and incident management.
PagerDuty Incident Response Documentation
PagerDuty's Incident Response Documentation for managing and responding to major incidents.
dfTimewolf
A framework for orchestrating forensic collection, processing and data export
DFIR-ORC
Forensics artefact collection tool for systems running Microsoft Windows
Velociraptor
A powerful tool for endpoint visibility and incident response, leveraging the Velociraptor Query Language (VQL) for customizable data collection.
Dispatch
Dispatch is an open-source incident management tool that automates tasks such as timelines, documentation, and communication during incidents.
TheHive
A scalable, open-source security incident response platform that integrates case management, task assignment, and collaboration tools.