Incident Response

Threat Intelligence Platforms

Crafting the InfoSec Playbook on SecurityListing: A practical guide to developing a comprehensive security monitoring and incident response strategy, covering incident response fundamentals, threat analysis, and data analysis.

Penetration Testing

Corsica Technologies Security Consulting Services on SecurityListing: A cybersecurity consulting service that provides security assessments, compliance guidance, and strategic planning across multiple industries with flexible engagement models.

Cyber 50 Defense

GRC

Cyber 50 Defense is an UAE-based cybersecurity company offering governance, risk and compliance (GRC) solutions, 24/7 managed protection, security assessments, incident response, and compliance servic

Digital Forensics and Incident Response

CBRX on SecurityListing: CBRX is a cloud-based platform that automates incident analysis and reporting for cybersecurity teams.

Threat Intelligence Platforms

Analyst1 Orchestrated Threat Intelligence Platform on SecurityListing: Orchestrated threat intelligence platform for CTI and SOC teams

Threat Hunting

Logsign Unified SO Platform on SecurityListing: SOAR platform automating threat detection, incident response, and workflows

Network Detection and Response

Arkime on SecurityListing: Arkime is an open-source network capture and analysis tool that provides comprehensive network visibility, facilitating swift identification and resolution of security and network issues.

Threat Hunting

Mandiant Threat Defense on SecurityListing: Managed threat detection, hunting, and response service by Mandiant experts

Endpoint Detection and Response

Lumifi ShieldVision™ on SecurityListing: SOAR platform with investigation, automation, and incident mgmt capabilities

Security Orchestration Automation and Response

Dropzone AI on SecurityListing: Dropzone AI is an autonomous AI agent for SOCs that performs end-to-end investigations of security alerts, integrating with existing cybersecurity tools and data sources.

Axon Technologies

Data Protection

Axon Technologies is a UAE-headquartered cybersecurity services company focused on protecting critical infrastructure and building a safer digital society. The company offers a complete information se

Network Security

Intrusion Detection Honeypots on SecurityListing: A foundational guide for using deception against computer network adversaries using honeypots to detect adversaries before they accomplish their goals.

Threat Intelligence Platforms

D3 Morpheus AI SOC on SecurityListing: AI-driven SOC platform for automated alert triage, investigation, and response

Industry Reports

2024 Data Breach Investigations Report on SecurityListing: Get insights into the latest cybersecurity trends and expert advice on enhancing organizational security.

Managed Security Service Providers

Liquid C2 Cyber Defence Services on SecurityListing: Managed cyber defense services for threat detection and response

Digital Forensics and Incident Response

Art of Memory Forensics on SecurityListing: A comprehensive guide to memory forensics, covering tools, techniques, and procedures for analyzing volatile memory.

Threat Hunting

Pulsedive on SecurityListing: Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.

Offensive Security

Combatting Incident Responders with Apache mod_rewrite on SecurityListing: Using Apache mod_rewrite rules to rewrite incident responder or security appliance requests to an innocuous website or the target's real website.

Security Orchestration Automation and Response

Zenduty on SecurityListing: Zenduty's platform provides real-time operational health monitoring and incident response orchestration to improve incident response times and build a solid on-call culture.

Threat Hunting

Netlas on SecurityListing: Threat intelligence and digital risk protection platform

Digital Forensics and Incident Response

Belkasoft Evidence Center on SecurityListing: Comprehensive digital forensics and incident response platform for law enforcement, corporate, and academic institutions.

Threat Hunting

Attic MDR on SecurityListing: 24/7 managed detection and response service for Microsoft 365 environments

Guides

Incident Response Flowchart on SecurityListing: A structured approach to managing and responding to suspected security events or incidents.

Digital Forensics and Incident Response

Binalyze AIR on SecurityListing: Modern digital forensics and incident response platform with comprehensive tools.

Threat Intelligence Platforms

InfinityAI on SecurityListing: Infinity Platform / Infinity AI is an AI-powered threat intelligence and generative AI service that combines AI-powered threat intelligence with generative AI capabilities for comprehensive threat prevention, automated threat response, and efficient security administration.

Digital Forensics and Incident Response

Belkasoft X Forensic on SecurityListing: A reliable end-to-end DFIR solution for boosting cyber incident response and forensics capacity.

Penetration Testing

KFSensor on SecurityListing: KFSensor is an advanced Windows honeypot system for detecting hackers and worms by simulating vulnerable system services.

Security Operations

Bifrozt on SecurityListing: High interaction honeypot solution for Linux systems with data control and integrity features.

Digital Forensics and Incident Response

CrowdStrike Community Tools on SecurityListing: Free tools for the CrowdStrike customer community to support their use of the Falcon platform.

Threat Hunting

Enterprise Detection & Response: A Simple Hunting Maturity Model on SecurityListing: A simple maturity model for enterprise detection and response

Threat Hunting

Prophet Security Prophet AI Threat Hunter on SecurityListing: AI-driven threat hunting platform for SOC alert triage and investigation

Threat Hunting

Hunters Pathfinder AI on SecurityListing: AI-driven SOC platform with autonomous threat detection, investigation & response

Endpoint Detection and Response

FortiEDR on SecurityListing: FortiEDR is an automated endpoint security solution that integrates with the Fortinet Security Fabric and third-party solutions to reduce MTTR and provide real-time breach detection and response.

Cyber Range Training

DFIR CTF: Precision Widgets of North Dakota Intrusion on SecurityListing: A cybersecurity challenge where you play the role of an incident response consultant investigating an intrusion at Precision Widgets of North Dakota.

Endpoint Detection and Response

OODA-driven SOC Strategy on SecurityListing: Utilizing SIEM, SOAR, and EDR technologies to enhance security operations with a focus on reducing incident response time.

Threat Intelligence Platforms

NSFOCUS Threat Intelligence on SecurityListing: Threat intelligence platform providing actionable insights from global sources

Digital Forensics and Incident Response

Practical Memory Forensics on SecurityListing: A practical guide to enhancing digital investigations with cutting-edge memory forensics techniques, covering fundamental concepts, tools, and techniques for memory forensics.

Threat Hunting

ThreatConnect Polarity on SecurityListing: Overlay tool providing real-time threat intel & context across security tools

Threat Intelligence Platforms

Lumifi Cyber Cyber Threat Intelligence (CTI) on SecurityListing: Curated threat intelligence service using Anomali ThreatStream platform

Threat Hunting

Quorum Cyber Emergency MDR on SecurityListing: Emergency MDR service for orgs experiencing active cyber incidents or attacks

Threat Intelligence Platforms

DataPlane.org on SecurityListing: Dataplane.org is a nonprofit organization providing free data, tools, and analysis to increase awareness of Internet trends, anomalies, threats, and misconfigurations.

Threat Intelligence Platforms

Hybrid-Analysis on SecurityListing: Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.

Threat Intelligence Platforms

DBAppSecurity DAS Network Detection and Response (DAS-NDR) on SecurityListing: Network detection and response system for threat detection and analysis

Digital Forensics and Incident Response

Detecting Lateral Movement through Tracking Event Logs (Version 2) on SecurityListing: A report on detecting lateral movement through tracking event logs, updated to include analysis of various tools and commands used by attackers.

Security Orchestration Automation and Response

Shuffler on SecurityListing: Shuffle Automation provides an open-source platform for security orchestration, automation, and response.

Security Orchestration Automation and Response

Logpoint SOAR & Automation on SecurityListing: SOAR platform for automated alert triage, investigation, and response

Threat Hunting

NSFOCUS Intelligent Security Operations Platform on SecurityListing: XDR platform with SOAR capabilities for security operations centers

Threat Hunting

Google Cloud Incident Response Cheat Sheet on SecurityListing: A comprehensive incident response and threat hunting tool for Google Cloud Platform, providing logs and forensic data for effective incident response and threat hunting.

Threat Hunting

InQuest Labs on SecurityListing: The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.

Future Data Me

Data Protection

Future Data Me appears to be a cybersecurity-focused company offering data security and cyber security expertise, with services spanning security and digital marketing as part of its offerings. The ho

Threat Hunting

HoneyDB on SecurityListing: HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.

Security Operations

Bait and Switch Honeypot on SecurityListing: An active and aggressive honeypot tool for network security.

Threat Hunting

Incident Response with Threat Intelligence on SecurityListing: A comprehensive guide to developing an incident response capability through intelligence-based threat hunting, covering theoretical concepts and real-life scenarios.

Endpoint Detection and Response

Metasploit on SecurityListing: A penetration testing framework for identifying and exploiting vulnerabilities.

CYGEN

Cloud Security

CYGEN is a cybersecurity company offering data-driven, customized security solutions to protect digital assets and ensure business continuity. With five years in operation, they serve clients across E

Security Orchestration Automation and Response

StrangeBee Cortex on SecurityListing: Open-source observable analysis engine and companion tool for TheHive platform

Data Loss Prevention

Proofpoint Insider Threat Management on SecurityListing: A security solution that monitors, detects, and responds to insider threats by providing visibility into user activities across endpoints, email, and cloud to prevent data loss from careless, compromised, or malicious insiders.

Data Loss Prevention

Quorum Cyber Clarity on SecurityListing: Managed security services platform offering MDR, threat detection, and DLP

Digital Forensics and Incident Response

CyberCPR on SecurityListing: Incident response and case management solution for efficient incident response and management.

Guides

Incident Response Techniques for Ransomware Attacks on SecurityListing: A comprehensive guide to understanding and responding to modern ransomware attacks, covering incident response, cyber threat intelligence, and forensic analysis.

Exposure Management

With Secure Elements Platform on SecurityListing: WithSecure Elements Cloud is a modular cybersecurity platform that combines AI-powered software and expert services to provide comprehensive protection across endpoints, identities, and cloud environments.

Threat Intelligence Platforms

Logsign Unified Security Operations Platform on SecurityListing: Unified security operations platform combining SIEM, TI, UEBA, and TDIR

Dynamic Application Security Testing

Miggo Security on SecurityListing: Application monitoring and security platform that provides runtime visibility, threat detection, and automated response capabilities for application-layer security

Threat Intelligence Platforms

HIHAT - High Interaction Honeypot Analysis Toolkit on SecurityListing: A toolkit that transforms PHP applications into web-based high-interaction Honeypots for monitoring and analyzing attacks.

Security Information and Event Management

LogRythm SIEM on SecurityListing: LogRhythm SIEM is a comprehensive security information and event management platform that collects, analyzes, and responds to security events across an organization's IT infrastructure.

Security Information and Event Management

Graylog on SecurityListing: Graylog offers advanced log management and SIEM capabilities to enhance security and compliance across various industries.

Threat Hunting

Mandiant Managed Defense on SecurityListing: 24/7 managed threat detection, investigation, and response service

Compliance Management

ISO2HANDLE on SecurityListing: ISO2HANDLE is a powerful software that provides a total solution for Q&R professionals, trusted by over 50,000 users and 750+ organizations worldwide.

Guides

Incident Response & Computer Forensics, Third Edition on SecurityListing: A comprehensive guide to incident response and computer forensics, covering the entire lifecycle of incident response and remediation.

Threat Hunting

Highlighter on SecurityListing: Highlighter is a FireEye Market app that integrates with FireEye products to provide enhanced cybersecurity capabilities.

Threat Hunting

Huntbase Platform on SecurityListing: Platform for threat investigation with automation and knowledge management

Threat Intelligence Platforms

CISA Cybersecurity Alerts on SecurityListing: The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.

Endpoint Detection and Response

CyberMaxx MaxxMDR on SecurityListing: MDR solution combining threat detection, response, and offensive security

Security Orchestration Automation and Response

Prophet Security Prophet AI on SecurityListing: AI-driven SOC platform for automated alert triage, investigation & response

Threat Intelligence Platforms

D3 Security Smart SOAR on SecurityListing: SOAR platform for security orchestration, automation, and incident response

Threat Hunting

Golismero on SecurityListing: A free and open-source OSINT framework for gathering and analyzing data from various sources

Endpoint Protection Platform

Morphisec Breach Prevention Platform on SecurityListing: Endpoint security platform using Moving Target Defense to prevent cyber attacks and provide adaptive exposure management and threat prevention.

Threat Hunting

D3 Smart SOAR on SecurityListing: SOAR platform with automated threat hunting and investigation capabilities

Risk Assessment

ORNA Digital Incident Response Plan on SecurityListing: Digital incident response plan built on SANS 504-B framework

Digital Risk Protection

GroupSense Ransomware Readiness on SecurityListing: Ransomware preparedness & response service with playbooks and negotiation

Threat Intelligence Platforms

Cymru RADAR on SecurityListing: Real-time threat intelligence platform for external cyber threat defense

Threat Hunting

Logpoint NDR on SecurityListing: A network detection and response solution that uses AI and machine learning to monitor network traffic, identify malicious behavior, and connect related security events to reveal attack patterns without requiring endpoint agents.

Threat Intelligence Platforms

Gradient Cyber Quorum™ on SecurityListing: Unified threat detection platform for network, endpoint, cloud, and user telemetry

Zero Trust Network Access

Aireye WDR (Wireless Detection and Response) on SecurityListing: WDR platform for Wi-Fi security protecting IT/OT assets wirelessly

Threat Intelligence Platforms

CyberForce|Q COSOC on SecurityListing: 24x7x365 Security Operations Center with threat detection and response services

Security Orchestration Automation and Response

Catalyst SOAR on SecurityListing: Catalyst is a SOAR system that automates alert handling and incident response processes, adapting to your workflows and being open source.

Threat Hunting

Quorum Cyber Clarity Extend on SecurityListing: Managed detection and response service with 24/7 SOC monitoring

Threat Intelligence Platforms

Cofense Reporter on SecurityListing: A phishing detection and response platform that combines human intelligence from millions of trained employees with AI/ML to identify and remediate email threats that bypass traditional security gateways.

Threat Intelligence Platforms

The Pyramid of Pain on SecurityListing: A cybersecurity concept categorizing indicators of compromise based on their level of difficulty for threat actors to change.

Threat Hunting

Intezer on SecurityListing: Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.

Cheat Sheets

Intrusion Discovery Cheat Sheet v2.0 on SecurityListing: A comprehensive guide for system administrators to detect and identify potential security threats on Windows 2000 systems.

Threat Hunting

INE Security on SecurityListing: INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.

Security Information and Event Management

LogRhythm Axon on SecurityListing: A cloud-native SIEM platform that provides security analytics, intuitive workflow, and simplified incident response to help security teams defend against cyber threats.

Threat Hunting

Hunters SOC Platform on SecurityListing: Next-gen SIEM with AI-powered alert investigation and automated response

Security Operations

Kojoney on SecurityListing: A honeypot for the SSH Service

Threat Hunting

Netsurion Managed Detection and Response on SecurityListing: MDR service with 24x7 SOC, XDR platform, and threat hunting capabilities

Security Awareness Training

Quorum Cyber Incident Response Preparedness on SecurityListing: IR preparedness services including readiness assessments and tabletop exercises

Threat Hunting

Reveald ManagedExtended Detection and Response XDR on SecurityListing: Managed XDR service built on CrowdStrike Falcon LogScale platform

Threat Hunting

Gradient Cyber MXDR on SecurityListing: Managed XDR service with 24/7 SOC for mid-market threat detection & response

Offensive Security

Theos Red Teaming on SecurityListing: Red teaming service simulating real-world adversary attacks on organizations.

Risk Assessment

Accenture Cybersecurity Consulting on SecurityListing: Enterprise cybersecurity consulting and managed services provider

Threat Intelligence Platforms

CSIS Emergency Response Retainers on SecurityListing: 24/7 incident response retainer service with guaranteed availability

Security Awareness Training

Ridge IT Managed IT on SecurityListing: Managed IT and cybersecurity services provider with Zero Trust implementation

Endpoint Detection and Response

Qevlar AI on SecurityListing: AI-powered cloud security alert investigation and remediation platform

Digital Forensics and Incident Response

WindowsSCOPE on SecurityListing: A comprehensive incident response tool for Windows computers, providing advanced memory forensics and access to locked systems.

Security Orchestration Automation and Response

Simbian AI SOC Agent on SecurityListing: AI agent that autonomously investigates, triages, and responds to security alerts

Threat Hunting

D3 Security Morpheus AI on SecurityListing: AI-powered autonomous SOC platform for alert triage and investigation automation

Database Security

SolarWinds Observability on SecurityListing: Unified observability platform for IT infrastructure, apps, and databases

Threat Intelligence Platforms

SIRP OmniSense™ on SecurityListing: AI-native autonomous SOC platform for threat detection and response

Threat Intelligence Platforms

Torq Hyperautomation on SecurityListing: Security hyperautomation platform for SOC workflow automation with AI agents

Threat Hunting

Theos Managed Threat Detection & Response on SecurityListing: 24/7 managed threat detection and response service with SOC monitoring

EG-CERT

Services

EG-CERT is charged with providing computer and information security incident response, support, defense and analysis against cyber attacks and collaboration with governmental, financial entities and a

Threat Hunting

TENEX Incident Response on SecurityListing: AI-driven MDR service with automated incident response and threat detection

Threat Intelligence Platforms

Scout Insight on SecurityListing: Provides advanced external threat intelligence to help organizations proactively identify and mitigate potential security threats.

MMA Infosec

Network Security

MMA Infosec is a cybersecurity firm with over two decades of experience in network and cyber security. The company focuses on transforming customers from reactive to resilient, aiming to move beyond m

Threat Intelligence Platforms

Stamus Networks Clear NDR on SecurityListing: Network detection and response platform for threat detection and analysis

Security Orchestration Automation and Response

StrangeBee TheHive IaaS Images on SecurityListing: Collaborative case management platform for incident response and investigation

Vulnerability Assessment

Blackpanda IR-1 on SecurityListing: SaaS platform for incident response, vulnerability scanning, and cyber insurance

Threat Intelligence Platforms

Rewterz XDR on SecurityListing: XDR platform for threat monitoring, detection, and response across environments

Vulnerability Assessment

Risk Cognizance GRCaaS MSSP Business Launchpad with vCISO Services on SecurityListing: Platform for launching MSSP businesses with GRCaaS and vCISO services

Endpoint Detection and Response

Rootkit Hunter on SecurityListing: A Unix-based tool that scans for rootkits and other malware on a system, providing a detailed report of the scan results.

Threat Hunting

MaxxMDR MDR + NDR on SecurityListing: Managed detection & response with network detection & response capabilities

Threat Hunting

Reveald ManagedDetection and Response on SecurityListing: MDR service for CrowdStrike, Microsoft, and Trellix endpoints with 24/7 monitoring

Threat Intelligence Platforms

Ryan Stillions: On TTPs on SecurityListing: In-depth analysis of real-world attacks and threat tactics

Extended Detection and Response

Performanta Safe XDR on SecurityListing: XDR service for continuous threat exposure management and automated response

Threat Hunting

PAGO DeepACT on SecurityListing: MDR platform combining threat detection, hunting, and real-time containment

Threat Hunting

Company Chat Widget on SecurityListing: Managed Detection and Response service provider

Vulnerability Assessment

ThreatDown EDR on SecurityListing: Powerfully simple endpoint security solution that takes down threats without interrupting business.

Security Information and Event Management

Exabeam Security Operations Platform on SecurityListing: Exabeam Security Operations Platform is a cloud-native security platform that applies AI and automation to security operations workflows for threat detection, investigation, and response.

Digital Forensics and Incident Response

Timeline Explorer v0.4.0.0 on SecurityListing: A powerful tool for analyzing and visualizing system activity timelines.

Security Awareness Training

ORNA AI Crisis Simulation on SecurityListing: AI-driven tabletop exercise platform for cyber crisis simulation training

Threat Hunting

Radiant Agentic AI on SecurityListing: AI-powered SOC platform for automated alert triage, incident response & logging

Threat Intelligence Platforms

The DFIR Report on SecurityListing: In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.

Threat Intelligence Platforms

Galia IT Dedicated SOC on SecurityListing: Managed SOC service with dedicated security teams for IT and OT environments

Threat Hunting

AfterGlow on SecurityListing: Visualize and analyze network relationships with AfterGlow

Risk Assessment

Stealth-ISS Cybersecurity Readiness Assessment on SecurityListing: Cybersecurity readiness assessment service evaluating security posture

Threat Hunting

SOAR on SecurityListing: A Security Orchestration, Automation and Response (SOAR) platform for incident response and threat hunting.

Threat Hunting

Team Cymru Pure Signal™ Scout on SecurityListing: Real-time threat intelligence platform for external threat visibility and IoC analysis

Threat Hunting

ThreatQuotient ThreatQ Platform on SecurityListing: Threat intelligence platform for detection, investigation, and response

Threat Intelligence Platforms

Phriendly Phishing Phish Focus on SecurityListing: Email triage solution with threat analysis and automation for phishing detection

Penetration Testing

Windows Command Line Cheat Sheet on SecurityListing: A comprehensive Windows command-line reference guide for security professionals, system administrators, and incident responders.

Digital Forensics and Incident Response

MFT Parsers Review on SecurityListing: Review of various MFT parsers used in digital forensics for analyzing NTFS file systems.

Endpoint Detection and Response

Todyl Managed eXtended Detection & Response on SecurityListing: 24/7 managed XDR service with SOC, threat hunting, and dedicated analysts

Digital Forensics and Incident Response

Sucuri Website Malware Removal & Protection on SecurityListing: Website malware removal service with WAF, monitoring, and cleanup support

Digital Forensics and Incident Response

RTIR on SecurityListing: Request Tracker for Incident Response (RTIR) is a tool for incident response teams to manage incident reports, correlate data, and facilitate communication.