Search Results for "incident response management"
Sort By:
Showing 206 open source projects for "incident response management"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
1
Incident Response Automation
Incident Response Automation Tool
This tool simulates automated defensive actions, such as blocking an IP address on a firewall, in response to detected threats. Quick Start To use this tool, run the responder: # Block an IP address python lab_runner.py incident-response --ip 10.10.10.xxx --reason "Malicious Activity Detected" -
2
xyOps
A complete workflow automation and server monitoring system
xyOps is an all-in-one operations platform that combines job scheduling, workflow automation, server monitoring, alerting, and incident response into a single cohesive system. Instead of stitching together separate tools for cron jobs, runbooks, health checks, on-call alerts, and incident workflows, xyOps aims to keep the whole automation and reliability stack in one place. It is built with developers and ops teams in mind, emphasizing control, extensibility, and the ability to run the platform anywhere without vendor lock-in. ... -
3
Wazuh
The Open Source Security Platform
Wazuh is an open-source, unified security platform that delivers extended detection and response (XDR) and SIEM capabilities for on-premises, cloud, container, and endpoint environments. It provides comprehensive threat prevention, detection, integrity monitoring, incident response, and compliance monitoring. SIEM functionality to monitor security across endpoints, workloads, and containers. Centralized architecture enabling scalable deployment and unified management. ... -
4
NoneBot
Asynchronous multi-platform robot framework written in Python
Use NB-CLI to quickly build your own robot. Plug-in development, modular management. Supports multiple platforms and multiple incident response methods. Asynchronous priority development to improve operational efficiency. Simple and clear dependency injection system, built-in dependency functions reduce user code. NoneBot2 is a modern, cross-platform, and extensible Python chatbot framework. It is based on Python's type annotations and asynchronous features, and can provide convenient and flexible support for your needs. ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
Checkmate
Checkmate is an open-source, self-hosted tool
Checkmate is an open-source, self-hosted infrastructure monitoring platform that provides real-time visibility into server health, uptime, response times, and incident activity through a modern web interface. The application continuously checks whether websites and services are accessible and performing optimally, generating alerts and reports when availability or performance degrades. It supports detailed infrastructure monitoring through an optional agent called Capture, which collects hardware metrics such as CPU, memory, disk usage, and temperature from remote machines. ... -
6
Keep
The open-source alert management and AIOps platform
Single pane of glass, filtering, bi-directional integrations, alert correlation, workflows, enrichment, dashboards. Keep is an alerting framework for DevOps that integrates with various monitoring tools, helping teams manage alerts and notifications effectively. -
7
GRR
GRR Rapid Response, remote live forensics for incident response
GRR Rapid Response is an incident response framework focused on remote live forensics. It consists of a python client (agent) that is installed on target systems, and python server infrastructure that can manage and talk to clients. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. -
8
Prowler
An open source security tool to perform AWS security assessment
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2, and others. +200 checks covering security best practices across all AWS regions and most AWS services. ... -
9
Personal Security Checklist
A compiled checklist of 300+ tips for protecting digital security
...It’s organized so that complete beginners can make quick, high-impact changes, while advanced users can dig into deeper hardening steps. The guidance spans topics like passwords, 2FA, device encryption, browser hygiene, network safety, backups, and incident response planning. Each section breaks recommendations into actionable, bite-sized items with brief explanations, helping you understand the “why” as well as the “how.” The repository is continuously refined by a large community, which keeps the content practical, vendor-neutral, and up to date with evolving threats and best practices. ... -
Application Monitoring That Won't Slow Your App DownFull APM with errors, performance, logs, and uptime monitoring. 99.999% uptime SLA on the platform itself.
-
10
Volatility
An advanced memory forensics framework
...It enables investigators and malware analysts to extract process lists, network connections, DLLs, strings, artifacts, and more. Volatility supports many plugins for detecting hidden processes, malware, rootkits, and event tracing. It’s essential in digital forensics and incident response workflows. -
11
OpenStatus
Status page with uptime monitoring & API monitoring as code
OpenStatus is an open-source synthetic monitoring and status page platform designed to help teams track the availability and performance of websites, APIs, and services from multiple global locations. It continuously probes configured endpoints and alerts users when latency thresholds are exceeded or outages occur, enabling proactive incident response. The platform also generates customizable public or private status pages that automatically reflect real-time service health, improving transparency with customers and stakeholders. Built with modern web technologies such as Next.js and Tailwind CSS, openstatus supports both managed deployments and self-hosted environments using lightweight Docker images. ... -
12
OneUptime
OneUptime is the complete open-source observability platform
OneUptime is a comprehensive solution for monitoring and managing your online services. Whether you need to check the availability of your website, dashboard, API, or any other online resource, OneUptime can alert your team when downtime happens and keep your customers informed with a status page. OneUptime also helps you handle incidents, set up on-call rotations, run tests, secure your services, analyze logs, track performance, and debug errors. -
13
Sysdig
Linux system exploration and troubleshooting tool
...Visualize all network communication across apps and services. Apply microsegmentation by automating Kubernetes-native network policies. Unify threat detection and incident response across containers, Kubernetes, and cloud with out-of-the-box Falco rules leveraging syscalls, Kubernetes audit logs and cloud logs. Gain deep insight with container and Kubernetes monitoring that is fully Prometheus compatible. Validate compliance against standards like PCI, NIST and SOC2 for containers, hosts, Kubernetes and cloud. ... -
14
Timesketch
Collaborative forensic timeline analysis
...Integrations with popular DFIR pipelines make ingestion repeatable, while role-based access and audit logs support enterprise workflows. By combining scale, collaboration, and reproducibility, Timesketch moves incident response beyond ad-hoc spreadsheets to a durable, team-oriented investigation record. -
15
Kener
Kener is a Modern Self hosted Status Page, batteries included
Kener: Open-source Node.js status page tool, designed to make service monitoring and incident handling a breeze. It offers a sleek and user-friendly interface that simplifies tracking service outages and improves how we communicate during incidents. And the best part? Kener integrates seamlessly with GitHub, making incident management a team effort—making it easier for us to track and fix issues together in a collaborative and friendly environment. -
16
UTMStack
Customizable SIEM and XDR powered by Real-Time correlation
Welcome to the UTMStack open-source project! UTMStack is a unified threat management platform that merges SIEM (Security Information and Event Management) and XDR (Extended Detection and Response) technologies. Our unique approach allows real-time correlation of log data, threat intelligence, and malware activity patterns from multiple sources, enabling the identification and halting of complex threats that use stealthy techniques. -
17
Prymitive karma
Alert dashboard for Prometheus Alertmanager
Alertmanager UI is useful for browsing alerts and managing silences, but it's lacking as a dashboard tool - karma aims to fill this gap. Karma is an alert dashboard for managing Prometheus Alertmanager alerts, allowing users to filter, group, and silence alerts for better incident management. -
18
aws-cli
Universal Command Line Interface for Amazon Web Services
...Waiters, paginators, and retries handle long-running or large list operations cleanly so scripts are resilient. The CLI’s stability and extensive documentation make it a cornerstone for CI/CD, incident response, and day-to-day operations. -
19
Fabric
Fabric is an open-source framework for augmenting humans using AI
Fabric is a command-line framework that turns a curated library of prompt “patterns” into reusable, automatable workflows for large language models. Instead of repeatedly crafting ad-hoc prompts, you pick a pattern (for research, summarization, brainstorming, code review, and more) and feed it inputs or files. The tool standardizes execution with configuration files and environment variables, enabling reproducible runs across different models and providers. Patterns can be customized with... -
20
ASN
Command line ASN lookup, network recon, and traceroute tool
...In addition to its command line usage, asn can run as a web-based traceroute server or as a self-hosted lookup API that returns JSON-formatted data for automated workflows. This flexibility allows the tool to support manual investigations, incident response, and automated network analysis pipelines. -
21
StackStorm
Connect all your apps, services, and workflows
StackStorm is a platform for integration and automation for numerous services and tools. It takes actions in response to events, and is composed of a rules engine, workflow, and 160 integration packs with more than 6000 actions. This makes StackStorm very versatile, useful in a wide array of business applications. StackStorm can be used to automate and streamline nearly any part of a business. It can be used for automated remediation to immediately troubleshoot and fix problems when... -
22
Vector Element
A glossy Matrix collaboration client for the web
...Element gives you the independence and flexibility to create a communications platform you can trust. Whether self-hosted or fully managed. Operate on a separate decentralised network for resilience and incident response. Functionality to suit your security profile and options to brand as your own. -
23
IntelOwl
Centralized platform for automated threat intelligence analysis
...IntelOwl was created to automate repetitive investigation tasks typically performed by security operations center (SOC) analysts, helping teams focus on deeper analysis and incident response. The system features a modular architecture built around plugins that allow new analyzers, connectors, and integrations to be added easily. These plugins can collect data from external intelligence platforms or generate insights using internal analysis tools such as YARA or static malware analyzers. -
24
Mixed-effects models in Julia
A Julia package for fitting (statistical) mixed-effects models
This package defines linear mixed models (LinearMixedModel) and generalized linear mixed models (GeneralizedLinearMixedModel). Users can use the abstraction for statistical model API to build, fit (fit/fit!), and query the fitted models. A mixed-effects model is a statistical model for a response variable as a function of one or more covariates. For a categorical covariate the coefficients associated with the levels of the covariate are sometimes called effects, as in "the effect of using... -
25
Agent SOP
Natural language workflows for AI agents
...It defines reusable SOP templates that agents can instantiate with context-specific parameters, allowing organizations to codify best practices for customer support, data processing, document workflows, or incident response. The framework supports monitoring and state tracking, so external systems can observe progress, intervene if necessary, and log outcomes for compliance or auditing. Integrations with common messaging and task orchestration systems enable SOP agents to interact with email, ticket queues, and databases as part of their workflows.
