From 6c75fde30fa51808449400a263f5744224617c0c Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Tue, 17 Nov 2015 10:51:52 +0100 Subject: [PATCH 1/2] New category 'Incident Management' + Fast Incident Response --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 7a419d1..864f5c2 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,10 @@ A curated list of tools for incident response * [MIG](http://mig.mozilla.org/) - Mozilla Investigator (MIG) is a platform to perform investigative surgery on remote endpoints. It enables investigators to obtain information from large numbers of systems in parallel, thus accelerating investigation of incidents and day-to-day operations security. * [FIDO](https://github.com/Netflix/Fido) - Fully Integrated Defense Operation (FIDO) by Netflix is an orchestration layer used to automate the incident response process by evaluating, assessing and responding to malware. FIDO’s primary purpose is to handle the heavy manual effort needed to evaluate threats coming from today's security stack and the large number of alerts generated by them. +### Incident Management +* [FIR](https://github.com/certsocietegenerale/FIR/) - Fast Incident Response (FIR) is an cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents and is useful for CSIRTs, CERTs and SOCs alike. + + ### Other Tools * [Hindsight](https://github.com/obsidianforensics/hindsight) - Internet history forensics for Google Chrome/Chromium From 606c887b2ce89d02fd75192b99d84b6fb7cf84a5 Mon Sep 17 00:00:00 2001 From: Herman Slatman Date: Tue, 17 Nov 2015 10:53:46 +0100 Subject: [PATCH 2/2] Sandia Cyber Omni Tracker added --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 864f5c2..fbd6c70 100644 --- a/README.md +++ b/README.md 
@@ -52,6 +52,7 @@ A curated list of tools for incident response ### Incident Management * [FIR](https://github.com/certsocietegenerale/FIR/) - Fast Incident Response (FIR) is an cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents and is useful for CSIRTs, CERTs and SOCs alike. +* [SCOT](http://getscot.sandia.gov/) - Sandia Cyber Omni Tracker (SCOT) is an Incident Response collaboration and knowledge capture tool focused on flexibility and ease of use. Our goal is to add value to the incident response process without burdening the user. ### Other Tools
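Review bot: In patch 1/2, the added FIR entry reads "is an cybersecurity incident management platform"; the article should be "a cybersecurity incident management platform". The same hunk also adds two empty lines between the FIR entry and "### Other Tools". One blank line is enough to separate the sections, so drop the second unless the rest of the README uses double spacing before headings.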
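Review bot: In patch 2/2, the added SCOT entry ends in first person ("Our goal is to add value to the incident response process without burdening the user"), which in this list reads as if the list's maintainers were speaking for the tool. The neighbouring MIG, FIDO and FIR descriptions are all in third person, so suggest rewording to "Its goal is to add value to the incident response process without burdening the user." The phrase "Incident Response collaboration" is also capitalized mid-sentence, while the FIR entry uses lowercase for the same kind of term; lowercase would be consistent.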