KANVAS is an IR (incident response) case management tool with an intuitive desktop interface, built using Python. It provides a unified workspace for investigators working with SOD (Spreadsheet of Doom) or similar spreadsheets, enabling key...
While it may appear that every emergent Trojan or infostealer is a unique narrative defined by its own “signature,” the Splunk Threat Research Team has adopted a broader perspective, uncovering a disconcerting uniformity. Many...
BlueTriage has appeared on GitHub—a lightweight tool designed for rapid analysis of Windows logs. It ingests security events in JSON format, normalizes them into a unified schema, runs them through a set of simple...
Microsoft is introducing native Sysmon support in Windows, marking a significant shift in the security landscape. Capabilities that once required deploying a separate utility will now be integrated directly into the operating system, available...
Varalyze is a threat intelligence tool suite that combines a diverse range of web-based applications into one seamless platform through the use of APIs and Python libraries. This allows for comprehensive security event triaging due...
IRIS – Incident Response Investigation System. IRIS is a web collaborative platform for incident response analysts, allowing them to share investigations at a technical level. It’s a web application, so it can be either...