From fc879a18215c56eb67096ebe599a18aecfd7e47b Mon Sep 17 00:00:00 2001 From: Paul Masek <30813009+itpropaul@users.noreply.github.com> Date: Thu, 24 Jun 2021 10:30:35 -0400 Subject: [PATCH] Added "AWS Incident Response Runbook Samples" --- README.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/README.md b/README.md index 577f7fc..ae87985 100644 --- a/README.md +++ b/README.md @@ -196,9 +196,9 @@ Digital Forensics and Incident Response (DFIR) teams are groups of people in an * [traceroute-circl](https://github.com/CIRCL/traceroute-circl) - Extended traceroute to support the activities of CSIRT (or CERT) operators. Usually CSIRT team have to handle incidents based on IP addresses received. Created by Computer Emergency Responce Center Luxembourg. * [X-Ray 2.0](https://www.raymond.cc/blog/xray/) - Windows utility (poorly maintained or no longer maintained) to submit virus samples to AV vendors. - ### Playbooks +* [AWS Incident Response Runbook Samples](https://github.com/aws-samples/aws-incident-response-runbooks/tree/0d9a1c0f7ad68fb2c1b2d86be8914f2069492e21) - AWS IR Runbook Samples meant to be customized per each entity using them. The three samples are: "DoS or DDoS attack", "credential leakage", and "unintended access to an Amazon S3 bucket". * [Counteractive Playbooks](https://github.com/counteractive/incident-response-plan-template/tree/master/playbooks) - Counteractive PLaybooks collection. * [GuardSIght Playbook Battle Cards](https://github.com/guardsight/gsvsoc_cirt-playbook-battle-cards) - A collection of Cyber Incident Response Playbook Battle Cards * [IRM](https://github.com/certsocietegenerale/IRM) - Incident Response Methodologies by CERT Societe Generale. @@ -241,7 +241,6 @@ Digital Forensics and Incident Response (DFIR) teams are groups of people in an * [Plaso](https://github.com/log2timeline/plaso) - a Python-based backend engine for the tool log2timeline. * [Timesketch](https://github.com/google/timesketch) - Open source tool for collaborative forensic timeline analysis. - ### Videos * [The Future of Incident Response](https://www.youtube.com/watch?v=bDcx4UNpKNc) - Presented by Bruce Schneier at OWASP AppSecUSA 2015.