From 2f13ee5a59fcdce2cd7940b75196d2a160f4d652 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Wed, 1 Jun 2016 21:51:21 +0200 Subject: [PATCH] Added Doorman --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 504eebc..d31b1ee 100644 --- a/README.md +++ b/README.md @@ -75,6 +75,7 @@ A curated list of tools and resources for security incident response, aimed to h * [Belkasoft Evidence Center](https://belkasoft.com/ec) - The toolkit will quickly extract digital evidence from multiple sources by analyzing hard drives, drive images, memory dumps, iOS, Blackberry and Android backups, UFED, JTAG and chip-off dumps * [CIRTkit](https://github.com/byt3smith/CIRTKit) - CIRTKit is not just a collection of tools, but also a framework to aid in the ongoing unification of Incident Response and Forensics investigation processes * [Kolide](https://github.com/mephux/kolide) - Kolide is an agentless osquery web interface and remote api server. Kolide was designed to be extremely portable (a single binary) and performant while keeping the codebase simple. It replaces Envdb. +* [Doorman](https://github.com/mwielgoszewski/doorman) - Doorman is an osquery fleet manager that allows remote management of osquery configurations retrieved by nodes. It takes advantage of osquery's TLS configuration, logger, and distributed read/write endpoints, to give administrators visibility across a fleet of devices with minimal overhead and intrusiveness. ### Incident Management * [FIR](https://github.com/certsocietegenerale/FIR/) - Fast Incident Response (FIR) is an cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents and is useful for CSIRTs, CERTs and SOCs alike
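Review bot: The new Doorman line in the README.md hunk is appended after Kolide, but the visible neighbours (Belkasoft Evidence Center, CIRTkit, Kolide) run in alphabetical order. If the section is meant to be sorted, the entry belongs between CIRTkit and Kolide. The description is also longer than the entries around it and reads like the project's own blurb. One sentence would match the list better, for example "osquery fleet manager that allows remote management of osquery configurations retrieved by nodes". If the second sentence stays, drop the comma before "to give". The subject "Added Doorman" gives no hint of which section was touched; naming the section would make the history easier to scan.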