Incident Response & Forensics
Solutions for responding to and investigating security incidents.

TheHive
A scalable, open-source security incident response platform that integrates case management, task assignment, and collaboration tools.

DFIR-ORC
Forensics artefact collection tool for systems running Microsoft Windows.

Sparrow
Sparrow.ps1 is a PowerShell script developed by CISA's Cloud Forensics team to detect compromised accounts and applications in Azure and Microsoft 365 environments.

aws_ir
Python-installable command-line utility for mitigation of host and key compromises.

PagerDuty Postmortem Documentation
PagerDuty's public postmortem documentation.

PagerDuty Stakeholder Communications
A tool for managing internal stakeholder notifications during technical incidents, enhancing clarity and transparency.

PagerDuty Retrospectives Documentation
PagerDuty's Retrospectives Documentation provides a structured approach for teams to reflect on past incidents or projects to improve future outcomes.

PagerDuty Business Incident Response
A structured approach to managing the business implications of technical incidents, ensuring minimal disruption to operations and maintaining customer trust.

Going On Call
Repository for the Best Practices for On Call Teams Ops Guide.

PagerDuty Automated Remediation
A tool designed to reduce mean time to recover (MTTR) and alert fatigue in incident response processes through automation.

PagerDuty Full Case Ownership Documentation
PagerDuty's Ops Guide for Customer Service Operations and Full Case Ownership.