├── .gitattributes ├── Awesome-SOAR.png ├── contributing.md ├── code-of-conduct.md └── README.md /.gitattributes: -------------------------------------------------------------------------------- 1 | * text=auto 2 | readme.md merge=union 3 | -------------------------------------------------------------------------------- /Awesome-SOAR.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/correlatedsecurity/Awesome-SOAR/HEAD/Awesome-SOAR.png -------------------------------------------------------------------------------- /contributing.md: -------------------------------------------------------------------------------- 1 | # Contribution Guidelines 2 | 3 | Please note that this project is released with a 4 | [Contributor Code of Conduct](code-of-conduct.md). By participating in this 5 | project you agree to abide by its terms. 6 | 7 | --- 8 | 9 | Ensure your pull request adheres to the following guidelines: 10 | 11 | - Make sure links used in the list are direct links (no re-directs) 12 | - Make sure items mention relate to SOAR solutions 13 | 14 | Thank you for your suggestions! 15 | 16 | -------------------------------------------------------------------------------- /code-of-conduct.md: -------------------------------------------------------------------------------- 1 | # Contributor Covenant Code of Conduct 2 | 3 | ## Our Pledge 4 | 5 | In the interest of fostering an open and welcoming environment, we as 6 | contributors and maintainers pledge to making participation in our project and 7 | our community a harassment-free experience for everyone, regardless of age, body 8 | size, disability, ethnicity, gender identity and expression, level of experience, 9 | nationality, personal appearance, race, religion, or sexual identity and 10 | orientation. 11 | 12 | ## Our Standards 13 | 14 | Examples of behavior that contributes to creating a positive environment 15 | include: 16 | 17 | * Using welcoming and inclusive language 18 | * Being respectful of differing viewpoints and experiences 19 | * Gracefully accepting constructive criticism 20 | * Focusing on what is best for the community 21 | * Showing empathy towards other community members 22 | 23 | Examples of unacceptable behavior by participants include: 24 | 25 | * The use of sexualized language or imagery and unwelcome sexual attention or 26 | advances 27 | * Trolling, insulting/derogatory comments, and personal or political attacks 28 | * Public or private harassment 29 | * Publishing others' private information, such as a physical or electronic 30 | address, without explicit permission 31 | * Other conduct which could reasonably be considered inappropriate in a 32 | professional setting 33 | 34 | ## Our Responsibilities 35 | 36 | Project maintainers are responsible for clarifying the standards of acceptable 37 | behavior and are expected to take appropriate and fair corrective action in 38 | response to any instances of unacceptable behavior. 39 | 40 | Project maintainers have the right and responsibility to remove, edit, or 41 | reject comments, commits, code, wiki edits, issues, and other contributions 42 | that are not aligned to this Code of Conduct, or to ban temporarily or 43 | permanently any contributor for other behaviors that they deem inappropriate, 44 | threatening, offensive, or harmful. 45 | 46 | ## Scope 47 | 48 | This Code of Conduct applies both within project spaces and in public spaces 49 | when an individual is representing the project or its community. Examples of 50 | representing a project or community include using an official project e-mail 51 | address, posting via an official social media account, or acting as an appointed 52 | representative at an online or offline event. Representation of a project may be 53 | further defined and clarified by project maintainers. 54 | 55 | ## Enforcement 56 | 57 | Instances of abusive, harassing, or otherwise unacceptable behavior may be 58 | reported by contacting the project team at <%= email %>. All 59 | complaints will be reviewed and investigated and will result in a response that 60 | is deemed necessary and appropriate to the circumstances. The project team is 61 | obligated to maintain confidentiality with regard to the reporter of an incident. 62 | Further details of specific enforcement policies may be posted separately. 63 | 64 | Project maintainers who do not follow or enforce the Code of Conduct in good 65 | faith may face temporary or permanent repercussions as determined by other 66 | members of the project's leadership. 67 | 68 | ## Attribution 69 | 70 | This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, 71 | available at [http://contributor-covenant.org/version/1/4][version] 72 | 73 | [homepage]: http://contributor-covenant.org 74 | [version]: http://contributor-covenant.org/version/1/4/ 75 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Awesome-SOAR List [![Awesome](https://awesome.re/badge.svg)](https://awesome.re) 2 | 3 | > A curated Cyber "Security Orchestration, Automation and Response (SOAR)" resources list. 4 | 5 | 6 | 7 | >"SOAR refers to technologies that enable organizations to collect inputs monitored by the security operations team. For example, alerts from the SIEM system and other security technologies — where incident analysis and triage can be performed by leveraging a combination of human and machine power — help define, prioritize and drive standardized incident response activities. SOAR tools allow an organization to define incident analysis and response procedures in a digital workflow format." - [Gartner](https://www.gartner.com/en/information-technology/glossary/security-orchestration-automation-response-soar) 8 | 9 | 10 | ## Contents 11 | 12 | - [Global-Standards](#Global-Standards) 13 | - [Incident-Categories](#Incident-Categories) 14 | - [Process-Resources](#Process-Resources) 15 | - [Playbooks-Resources](#Playbooks-Resources) 16 | - [Workflow-Resources](#Workflow-Resources) 17 | - [Automation-Resources](#Automation-Resources) 18 | - [User-Communities](#User-Communities) 19 | - [Articles](#Articles) 20 | - [Presentations](#Presentations) 21 | - [Training](#Training) 22 | - [SOAR-Solutions](#SOAR-Solutions) 23 | - [Commercial](#Commercial) 24 | - [SIEM-with-SOAR-Included](#SIEM-with-SOAR-Included) 25 | - [Open-Source](#Open-Source) 26 | 27 | ## Global-Standards 28 | 29 | - [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework) 30 | - [NIST Computer Security Incident Handling Guide](http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf) 31 | - [Collaborative Open Playbook Standard (COPS)](https://github.com/demisto/COPS) - by Demisto 32 | - [RE&CT Framework](https://github.com/atc-project/atc-react) - a MITRE ATT&CK inspired framework specifically for actionable Incident Response techniques. 33 | - [Integrated Adaptive Cyber Defense (IACD) Automate Framework](https://www.iacdautomate.org/) 34 | - [OASIS Collaborative Automated Course of Action Operations (CACAO) for Cyber Security](https://www.oasis-open.org/committees/cacao) - a standards effort to define a common language for course of action playbooks 35 | 36 | ## Incident-Categories 37 | 38 | - [ServiceNow Incident Categories and Subcategories](https://docs.servicenow.com/bundle/orlando-it-service-management/page/product/incident-management/reference/r_CategorizingIncidents.html) 39 | - [Incident Classification/Incident Taxonomy according to eCSIRT.net](https://www.trusted-introducer.org/Incident-Classification-Taxonomy.pdf) 40 | 41 | ## Process-Resources 42 | 43 | - [Information Security Incident Management Process Document Template](http://g3ctoolkit.net.s3-website-us-west-2.amazonaws.com/ia/SecPol/wmspDownloads/Information_Security_Incident_Management_Policy.doc) 44 | - [Incident Response Flowchart](http://www.asu.edu/courses/oasis/Security/Incident_Response_Flowchart.pdf) 45 | - [Critical Infrastructure Cyber Incident Management Process](https://www.publicpower.org/system/files/documents/Public-Power-Cyber-Incident-Response-Playbook.pdf) 46 | - [SANS Incident Handler's Handbook](https://www.sans.org/reading-room/whitepapers/incident/paper/33901) 47 | 48 | ## Playbooks-Resources 49 | 50 | - [Playbooks in Visio and PDF](https://www.incidentresponse.com/playbooks/) 51 | - [Top 5 Playbooks by Ayehu](https://ayehu.com/cyber-security-incident-response-automation/top-5-cyber-security-incident-response-playbooks/) 52 | - [Playbooks by Societe Generale](https://github.com/certsocietegenerale/IRM/tree/master/EN) 53 | - [Playbooks by guardsight](https://github.com/guardsight/gsvsoc_cirt-playbook-battle-cards) 54 | - [Playbooks (cloud) by AWS](https://github.com/aws-samples/aws-incident-response-runbooks/tree/master/playbooks) 55 | 56 | ## Automation-Resources 57 | 58 | - [Playbooks Automation components by Phantom](https://github.com/phantomcyber/playbooks) 59 | - [Playbooks Automation components part 2 by Phantom](https://github.com/phantomcyber/phantom-apps/tree/next/Apps) 60 | - [Playbooks Automation components by DTonomy](https://doc.dtonomy.com/playbooks.html) 61 | - [Playbooks Automation components by ThreatConnect](https://github.com/ThreatConnect-Inc/threatconnect-playbooks/tree/master/playbooks) 62 | - [Playbooks Automation components part 2 by ThreatConnect](https://github.com/ThreatConnect-Inc/threatconnect-playbooks/tree/master/apps) 63 | - [Playbooks Automation components by Rapid7](https://github.com/rapid7/insightconnect-workflows/tree/master/workflows) 64 | - [Playbooks Automation components by Microsoft Azure Sentinel](https://github.com/Azure/Azure-Sentinel/tree/master/Playbooks) 65 | - [Playbooks Automation components by Ayehu](https://github.com/Ayehu/custom-activities) 66 | - [Playbooks Automation components part 2 by Ayehu](https://github.com/Ayehu/custom-workflows) 67 | - [Playbooks Automation components part 3 by Ayehu](https://github.com/Ayehu/workflow-templates) 68 | - [Playbooks Automation components by ThreatConnect](https://github.com/ThreatConnect-Inc/threatconnect-playbooks/tree/master/components) 69 | - [Playbooks Automation components by Shuffle](https://github.com/frikky/shuffle-workflows) 70 | - [Playbooks Automation components part 2 by Shuffle](https://github.com/frikky/shuffle-apps) 71 | - [Playbooks Automation components by IBM Resilient Community](https://github.com/ibmresilient/resilient-community-apps) 72 | - [Playbooks Automation components by Rapid7](https://github.com/rapid7/insightconnect-plugins) 73 | - [Playbooks Automation components by TheHive Cortex](https://github.com/TheHive-Project/Cortex-Analyzers/tree/master/analyzers) 74 | - [Playbooks Automation components part 2 by TheHive Cortex](https://github.com/TheHive-Project/Cortex-Analyzers/tree/master/responders) 75 | - [Playbooks Automation components by WALKOFF](https://github.com/nsacyber/WALKOFF/tree/master/apps) 76 | - [Playbooks Automation components by LogRhythm](https://github.com/LogRhythm-Labs) 77 | 78 | ## User-Communities 79 | 80 | - [SOAR Telegram Group](http://t.me/CSOAR) 81 | 82 | ## Market-Research 83 | 84 | - [State of SOAR Report 2019](https://go.demisto.com/hubfs/Resources/2019%20SOAR%20Report/State%20of%20SOAR%20Report%202019.pdf) 85 | - [Gartner Market Guide for SOAR Solutions 2019](https://www.gartner.com/en/documents/3942064/market-guide-for-security-orchestration-automation-and-r) 86 | - [DFLABS Enterprise SOAR Buyers Guide 2019](https://www.infosecurityeurope.com/__novadocuments/591196?v=636930948744900000) 87 | - [Top 10 SOAR Solutions for 2019](https://www.em360tech.com/continuity/tech-features-featuredtech-news/top-10-soar-platforms/) 88 | - [Top Reviewed SOAR's on G2](https://www.g2.com/categories/security-orchestration-automation-and-response-soar) 89 | - [SOAR Vendor comparison](https://www.itcentralstation.com/categories/security-orchestration-automation-and-response-soar) 90 | - [The 8 Best SOAR Security Companies for 2020](https://solutionsreview.com/security-information-event-management/the-8-best-soar-security-companies/) 91 | - [SANS 2020 Automation and Integration Survey Results](https://www.sans.org/webcasts/2020-automation-integration-survey-results-112640) 92 | - [PeerTalk™ Panel: SOAR Trends in 2020 and Beyond](https://www.peerlyst.com/posts/peertalk-tm-panel-soar-trends-in-2020-and-beyond-peerlyst) 93 | 94 | ## Articles 95 | 96 | - [An OODA-driven SOC Strategy using: SIEM, SOAR and EDR](http://correlatedsecurity.com/an-ooda-driven-soc-strategy-using-siem-soar-edr/) 97 | - [Why a mature SIEM environment is critical for SOAR implementation](http://correlatedsecurity.com/soar-critical-success-factors/) 98 | - [7 Steps to Building an Incident Response Playbook](https://sbscyber.com/resources/7-steps-to-building-an-incident-response-playbook) 99 | - [8 Ways Playbooks Enhance Incident Response](https://www.sirp.io/blog/8-ways-playbooks-enhance-incident-response/) 100 | - [Top Security Orchestration Use Cases](https://www.infosecurityeurope.com/__novadocuments/544304?v=636821081002000000) 101 | - [Security orchestration and automation checklist](https://www.helpnetsecurity.com/2019/08/05/security-orchestration-and-automation-checklist/) 102 | 103 | ## Presentations 104 | 105 | - [Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018](https://www.youtube.com/watch?v=_mnxZ1iSUGg) 106 | - [Hacking your SOEL: SOC Automation and Orchestration – SANS Security Operations Summit 2018 - SLIDES](https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1532986430.pdf) 107 | - [Leveraging TheHive & Cortex for automated IR](https://www.youtube.com/watch?v=K6K1fNpbf9w) 108 | - [Cloud Security Automation: From Infrastructure to App | SANS Cloud Security Summit 2019](https://www.youtube.com/watch?v=3IAOSWHCGQo) 109 | - [SANS Webcast: Automating Information Security with Python](https://www.youtube.com/watch?v=MaeL50iO26s) 110 | 111 | ## Training 112 | 113 | - [SANS SEC573: Automating Information Security with Python](https://www.sans.org/course/automating-information-security-with-python) 114 | 115 | ## Contribute 116 | 117 | Contributions welcome! Read the [contribution guidelines](contributing.md) first. 118 | 119 | # SOAR-Solutions 120 | 121 | - [Commercial](#Commercial) 122 | - [SIEM-with-SOAR-Included](#SIEM-with-SOAR-Included) 123 | - [Open-Source](#Open-Source) 124 | 125 | 126 | ## Commercial 127 | - [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/xsoar) - Previously Demisto, now with Palo Alto Networks 128 | - **[PRODUCT BLOG LINKS]** 129 | - [Demisto Blog](https://blog.demisto.com/) 130 | - [Palo Alto Blog](https://blog.paloaltonetworks.com/tag/cortex-xdr/) 131 | - **[WEBINAR LINKS]** 132 | - [Cortex XSOAR Webinar Videos on Youtube](https://www.youtube.com/results?search_query=cortex+xsoar+webinar) 133 | - [Demisto Webinar Videos on Youtube](https://www.youtube.com/results?search_query=demisto+webinar) 134 | - **[CONFERENCE SLIDES LINKS]** 135 | - [Palo Alto Networks Ignite Conference Videos Youtube](https://www.youtube.com/results?search_query=%22palo+alto+networks+ignite%22+xsoar) 136 | - **[FREE/TRIAL DOWNLOAD LINKS]** 137 | - [Cortex XSOAR 30 Day Free Community Edition](https://start.paloaltonetworks.com/sign-up-for-community-edition.html) 138 | - **[FREE LEARNING LINKS]** 139 | - [Several Free Foundational eLearning Courses](https://www.paloaltonetworks.com/services/education/digital-learning) 140 | - [Customer Case Studies](https://www.youtube.com/playlist?list=PLBpoVs10QWXKhrqBrb5TdlAN1wto1L8ia) 141 | - [Demisto, Cortex XSOAR Youtube video playlist](https://www.youtube.com/playlist?list=PL9AMso8b1trO0WQd90Px1sJxvcfK27ZVJ) 142 | - **[PAID TRAINING LINKS]** 143 | - [Palo Alto Learning Center](http://education.paloaltonetworks.com/learningcenter) 144 | - **[DOCUMENTATION LINKS]** 145 | - [Cortex XSOAR Documentation](https://docs.paloaltonetworks.com/cortex/cortex-xsoar.html) 146 | - **[SUPPORT LINKS]** 147 | - Not Available 148 | - **[USER FORUM LINKS]** 149 | - [Cortex XSOAR User Community](https://live.paloaltonetworks.com/t5/cortex-xsoar/ct-p/Cortex_XSOAR) 150 | - **[APP DEVELOPMENT LINKS]** 151 | - [Content Developer Portal](https://xsoar.pan.dev/) 152 | - [XSOAR Github](https://github.com/demisto/content) 153 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 154 | - Not Available - Feature requests go through support 155 | - **[REDDIT COMMUNITY LINKS]** 156 | - Not Available 157 | - **[YOUTUBE LINKS]** 158 | - [XSOAR Youtube Channel](https://www.youtube.com/channel/UCPZSycGbjGoIcTF6kudEilw) 159 | - **[TWITTER LINKS]** 160 | - [PAN Twitter Page](https://twitter.com/PaloAltoNtwks) 161 | - **[LINKEDIN LINKS]** 162 | - [LinkedIN](https://www.linkedin.com/company/cortexbypanw/) 163 | - **[ONLINE CHAT GROUPS]** 164 | - [Online Slack Community](https://start.paloaltonetworks.com/join-our-slack-community) 165 | - [DTonomy SOAR](https://www.dtonomy.com/dtonomy-air-enterprise/) 166 | - **[PRODUCT BLOG LINKS]** 167 | - [DTonomy Blog](https://www.dtonomy.com/blog/) 168 | - **[WEBINAR LINKS]** 169 | - Not Available 170 | - **[CONFERENCE SLIDES LINKS]** 171 | - Not Available 172 | - **[FREE/TRIAL DOWNLOAD LINKS]** 173 | - [DTonomy Community](https://www.dtonomy.com/pricing/) 174 | - **[FREE LEARNING LINKS]** 175 | - [DTonomy Quick Tutorial](https://tutorial.dtonomy.com/) 176 | - **[PAID TRAINING LINKS]** 177 | - Not Available 178 | - **[DOCUMENTATION LINKS]** 179 | - [DTonomy Doc](https://doc.dtonomy.com/) 180 | - **[SUPPORT LINKS]** 181 | - Not Available 182 | - **[USER FORUM LINKS]** 183 | - Not Available 184 | - **[APP DEVELOPMENT LINKS]** 185 | - Not Available 186 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 187 | - [Request Enhancement Link](https://calendly.com/dtonomy/30min?month=2023-01) 188 | - **[REDDIT COMMUNITY LINKS]** 189 | - Not Available 190 | - **[YOUTUBE LINKS]** 191 | - [DTonomy Youtube](https://www.youtube.com/@dtonomy8635) 192 | - **[TWITTER LINKS]** 193 | - [DTonomy Twitter](https://twitter.com/Peter_DTonomy) 194 | - **[LINKEDIN LINKS]** 195 | - [DTonomy LinkedIN](https://www.linkedin.com/company/dtonomy/) 196 | - **[ONLINE CHAT GROUPS]** 197 | - [DTonomy Slack](https://join.slack.com/t/dtonomy/shared_invite/zt-dpvdz946-NgEYwW~aUhwTosER6SiK~w) 198 | - [IBM Resilient](https://www.ibm.com/my-en/marketplace/resilient-soar-platform) 199 | - **[PRODUCT BLOG LINKS]** 200 | - [IBM Security Resilient Community Blog](https://community.ibm.com/community/user/security/communities/community-home/recent-community-blogs?communitykey=d2f71e8c-108e-4652-b59c-29d61af7163e&tab=recentcommunityblogsdashboard) 201 | - **[WEBINAR LINKS]** 202 | - [IBM Resilient On-Demand Webinars](https://community.ibm.com/community/user/security/communities/community-home/recent-community-events?communitykey=d2f71e8c-108e-4652-b59c-29d61af7163e&tab=recentcommunityeventsdashboard) 203 | - [IBM Resilient Webinar videos on Youtube](https://www.youtube.com/results?search_query=%22IBM+Resilient%22+webinar) 204 | - **[CONFERENCE SLIDES LINKS]** 205 | - Not Available 206 | - **[FREE/TRIAL DOWNLOAD LINKS]** 207 | - Not Available - [Image can be downloaded here, but requires license](https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Security&product=ibm/Other+software/IBM+Resilient+SOAR+Platform&release=All&platform=All&function=all) 208 | - **[FREE LEARNING LINKS]** 209 | - [IBM Learning Academy - Couple of Free Courses](https://www.securitylearningacademy.com/local/navigator/index.php?level=inir01) 210 | - [IBM Resilient Youtube Videos](https://www.youtube.com/channel/UCwFpignv-CgRX9Dw-tbLEIA) 211 | - **[PAID TRAINING LINKS]** 212 | - [IBM Learning Academy](https://www.securitylearningacademy.com/local/navigator/index.php?level=inir01) 213 | - **[DOCUMENTATION LINKS]** 214 | - [IBM Resilient Documentation](https://www.ibm.com/support/knowledgecenter/SSBRUQ) 215 | - **[SUPPORT LINKS]** 216 | - [IBM Security Resilient Support](https://www.ibm.com/mysupport/) 217 | - **[USER FORUM LINKS]** 218 | - [IBM Security Resilient Community Forum](https://community.ibm.com/community/user/communities/community-home/digestviewer?communitykey=d2f71e8c-108e-4652-b59c-29d61af7163e&tab=digestviewer) 219 | - **[APP DEVELOPMENT LINKS]** 220 | - [IBM Resilient Community Apps](https://github.com/ibmresilient/resilient-community-apps) 221 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 222 | - [IBM Security Resilient Ideas (RFE's)](https://2e4ccba981d63ef83a875dad7396c9a0.ideas.aha.io/ideas) 223 | - **[REDDIT COMMUNITY LINKS]** 224 | - Not Available 225 | - **[YOUTUBE LINKS]** 226 | - [IBM Security Youtube Videos](https://www.youtube.com/user/IBMSecuritySolutions) 227 | - [Older IBM Resilient Youtube Videos](https://www.youtube.com/c/Resilientsystems/videos) 228 | - **[TWITTER LINKS]** 229 | - [IBM Security](https://twitter.com/IBMSecurity) 230 | - **[LINKEDIN LINKS]** 231 | - [IBM Resilient LinkedIN](https://www.linkedin.com/company/resilient-an-ibm-company/) 232 | - **[ONLINE CHAT GROUPS]** 233 | - Not Available 234 | - [Splunk Phantom](https://www.splunk.com/en_us/software/splunk-security-orchestration-and-automation.html) 235 | - **[PRODUCT BLOG LINKS]** 236 | - [Phantom Blog](https://www.splunk.com/en_us/blog/search.html?query=phantom) 237 | - **[WEBINAR LINKS]** 238 | - [on demand webinars](https://www.splunk.com/en_us/about-us/events.html#filter/defilter1/list-item-block/defilter2/OnDemandWebinars/defilter3/SecurityComplianceandFraud) 239 | - [Phantom Youtube Webinars](https://www.youtube.com/results?search_query=splunk+phantom+soar+webinar) 240 | - **[CONFERENCE SLIDES LINKS]** 241 | - [Splunk .Conf slides](https://conf.splunk.com/) 242 | - **[FREE/TRIAL DOWNLOAD LINKS]** 243 | - [Free Community edition available for registered users](https://my.phantom.us/signup/) 244 | - **[FREE LEARNING LINKS]** 245 | - [Phantom Community Youtube Video](https://www.youtube.com/playlist?list=PLxkFdMSHYh3RBP9TRBVadwZeoMuDRTfB6) 246 | - **[PAID TRAINING LINKS]** 247 | - [Paid Instructor led training](https://www.splunk.com/en_us/training/learning-path/courses-for-phantom/overview.html) 248 | - **[DOCUMENTATION LINKS]** 249 | - [Phantom Documentation](https://docs.splunk.com/Documentation/Phantom) 250 | - **[SUPPORT LINKS]** 251 | - [Splunk Support page](https://www.splunk.com/en_us/support-and-services.html) 252 | - **[USER FORUM LINKS]** 253 | - [Phantom User Community](https://community.splunk.com/t5/Splunk-Phantom/bd-p/security-phantom) 254 | - **[APP DEVELOPMENT LINKS]** 255 | - [Phantom Github Repository](https://github.com/phantomcyber/phantom-apps) 256 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 257 | - [Post Feature request in title on user forum](https://community.splunk.com/t5/Splunk-Phantom/bd-p/security-phantom) 258 | - **[REDDIT COMMUNITY LINKS]** 259 | - [Phantom Team Questions Thread](https://www.reddit.com/r/IAmA/comments/cqazkp/we_are_the_splunkphantom_team_helping_protect/) 260 | - **[YOUTUBE LINKS]** 261 | - [Splunk Official Youtube](https://www.youtube.com/c/Splunkofficial/featured) 262 | - **[TWITTER LINKS]** 263 | - [Phantom on Twitter](https://twitter.com/tryphantom) 264 | - **[LINKEDIN LINKS]** 265 | - [Phantom on LinkedIN](https://www.linkedin.com/company/phantom-cyber) 266 | - **[ONLINE CHAT GROUPS]** 267 | - Not Available 268 | - [Siemplify](https://www.siemplify.co/) 269 | - **[PRODUCT BLOG LINKS]** 270 | - [Siemplify Blog](https://www.siemplify.co/blog/) 271 | - **[WEBINAR LINKS]** 272 | - [Siemplify Webinars](https://www.siemplify.co/resources/) 273 | - **[CONFERENCE SLIDES LINKS]** 274 | - Not Available 275 | - **[FREE/TRIAL DOWNLOAD LINKS]** 276 | - [Siemplify Community Edition](https://www.siemplify.co/community/) 277 | - [Siemplify Trial Edition](https://www.siemplify.co/cloud-trial/) 278 | - **[FREE LEARNING LINKS]** 279 | - [Siemplify Video Tour](https://www.siemplify.co/security-orchestration-video-tour/) 280 | - [Siemplify Resources](https://www.siemplify.co/resources/) 281 | - [Siemplify Youtube](https://www.youtube.com/channel/UCM5UwCcey6pSA0z0frZqGsA) 282 | - **[PAID TRAINING LINKS]** 283 | - Not Available 284 | - **[DOCUMENTATION LINKS]** 285 | - [User Forum](https://community.siemplify.co/entry/signin?Target=discussions) 286 | - **[SUPPORT LINKS]** 287 | - [Siemplify Support](https://www.siemplify.co/support/) 288 | - **[USER FORUM LINKS]** 289 | - [User Forum](https://community.siemplify.co/entry/signin?Target=discussions) 290 | - **[APP DEVELOPMENT LINKS]** 291 | - [User Forum](https://community.siemplify.co/entry/signin?Target=discussions) 292 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 293 | - [User Forum](https://community.siemplify.co/entry/signin?Target=discussions) 294 | - **[REDDIT COMMUNITY LINKS]** 295 | - Not Available 296 | - **[YOUTUBE LINKS]** 297 | - [Siemplify Youtube](https://www.youtube.com/channel/UCM5UwCcey6pSA0z0frZqGsA) 298 | - **[TWITTER LINKS]** 299 | - [Siemplify Twitter](https://twitter.com/siemplify) 300 | - **[LINKEDIN LINKS]** 301 | - [Siemplify LinkedIN](https://www.linkedin.com/company/siemplify/) 302 | - **[ONLINE CHAT GROUPS]** 303 | - Not Available 304 | - [Swimlane](https://swimlane.com/) - Syncurity is now acquired by Swimlane 305 | - **[PRODUCT BLOG LINKS]** 306 | - [Swimlane Blog](https://swimlane.com/blog/) 307 | - **[WEBINAR LINKS]** 308 | - [Swimlane Webinars](https://swimlane.com/resources/events/) 309 | - **[CONFERENCE SLIDES LINKS]** 310 | - [Swimlane Conference](https://swimlane.com/resources/events/) 311 | - **[FREE/TRIAL DOWNLOAD LINKS]** 312 | - Not Available 313 | - **[FREE LEARNING LINKS]** 314 | - [SOAR Learning Hubg](https://swimlane.com/resources/soar-learning-hub/) 315 | - **[PAID TRAINING LINKS]** 316 | - [Swimlane Paid Training](https://swimlane.com/services/certification-program/) 317 | - **[DOCUMENTATION LINKS]** 318 | - [Swimlane Documentation](https://swimlane.com/knowledge-center/docs/) 319 | - **[SUPPORT LINKS]** 320 | - [Swimlane Support Portal](https://support.swimlane.com/support/login) 321 | - **[USER FORUM LINKS]** 322 | - [SecOps Hub User forum](https://www.secopshub.com/) 323 | - **[APP DEVELOPMENT LINKS]** 324 | - [App Developer Resources](https://swimlane.com/resources/analyst-hub/) 325 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 326 | - [Swimlane Support Portal for feature requests](https://support.swimlane.com/support/login) 327 | - **[REDDIT COMMUNITY LINKS]** 328 | - Not Available 329 | - **[YOUTUBE LINKS]** 330 | - [Swimlane Youtube](https://www.youtube.com/channel/UCs6qP3QXytOsCD1TRIw0EYg) 331 | - **[TWITTER LINKS]** 332 | - [Swimlane Twitter](https://twitter.com/swimlane/) 333 | - **[LINKEDIN LINKS]** 334 | - [Swimlane LinkedIN](https://www.linkedin.com/company/swimlane/) 335 | - **[ONLINE CHAT GROUPS]** 336 | - Not Available 337 | - [Rapid7 InsightConnect](https://www.rapid7.com/products/insightconnect/) 338 | - **[PRODUCT BLOG LINKS]** 339 | - [Rapid7 Blog](https://blog.rapid7.com/) 340 | - **[WEBINAR LINKS]** 341 | - [Rapid7 Webinars](https://www.rapid7.com/about/events-webcasts/) 342 | - **[CONFERENCE SLIDES LINKS]** 343 | - [Rapid7 Conference](https://www.rapid7.com/about/events-webcasts/) 344 | - **[FREE/TRIAL DOWNLOAD LINKS]** 345 | - [Free Trial](https://www.rapid7.com/try/insight/) 346 | - **[FREE LEARNING LINKS]** 347 | - [Free Learning Resources](https://www.rapid7.com/resources/?p=InsightConnect) 348 | - [Online videos Youtube](https://www.youtube.com/results?search_query=rapid7+insightconnect) 349 | - **[PAID TRAINING LINKS]** 350 | - [Training and Certification](https://www.rapid7.com/resources/) 351 | - **[DOCUMENTATION LINKS]** 352 | - [Rapid7 InsightConnect Documentation](https://docs.rapid7.com/insightconnect/) 353 | - **[SUPPORT LINKS]** 354 | - [Support Login](https://www.rapid7.com/for-customers/) 355 | - **[USER FORUM LINKS]** 356 | - [Rapid7 Login](https://insight.rapid7.com/login) 357 | - **[APP DEVELOPMENT LINKS]** 358 | - [Rapid7 InsightConnect Developer instructions](https://docs.rapid7.com/insightconnect/create-custom-plugins/) 359 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 360 | - [Rapid7 InsightConnect feature requests on github](https://github.com/rapid7/insightconnect-plugins/issues) 361 | - **[REDDIT COMMUNITY LINKS]** 362 | - [Unofficial Rapid7 Reddit](https://www.reddit.com/r/rapid7/) 363 | - **[YOUTUBE LINKS]** 364 | - [Rapid7 youtube](https://www.youtube.com/user/GoRapid7) 365 | - **[TWITTER LINKS]** 366 | - [Rapid7 Twitter](https://twitter.com/Rapid7) 367 | - **[LINKEDIN LINKS]** 368 | - [Rapid7 LinkedIN](https://www.linkedin.com/company/39624) 369 | - **[ONLINE CHAT GROUPS]** 370 | - Not Available 371 | - [ThreatConnect](https://threatconnect.com/solution/soar-platform/) 372 | - **[PRODUCT BLOG LINKS]** 373 | - [ThreatConnect Blog](https://threatconnect.com/blog/) 374 | - **[WEBINAR LINKS]** 375 | - [ThreatConnect Webinars](https://threatconnect.com/resources/webinars/) 376 | - **[CONFERENCE SLIDES LINKS]** 377 | - [ThreatConnect Events](https://threatconnect.com/resources/events/) 378 | - **[FREE/TRIAL DOWNLOAD LINKS]** 379 | - Not Available 380 | - **[FREE LEARNING LINKS]** 381 | - [ThreaConnect Learning Portal](https://training.threatconnect.com/) 382 | - [ThreatConnect Resources](https://threatconnect.com/resources/) 383 | - **[PAID TRAINING LINKS]** 384 | - [ThreaConnect Learning Portal](https://training.threatconnect.com/) 385 | - **[DOCUMENTATION LINKS]** 386 | - [ThreatConnect Documentation](https://docs.threatconnect.com/en/latest/) 387 | - **[SUPPORT LINKS]** 388 | - [ThreatConnect Support](https://training.threatconnect.com/support) 389 | - **[USER FORUM LINKS]** 390 | - [ThreatConnect Community](https://threatconnect.com/company/threatconnect-community/) 391 | - **[APP DEVELOPMENT LINKS]** 392 | - [ThreatConnect Apps](https://docs.threatconnect.com/en/latest/tcex/building_apps_quickstart.html) 393 | - [ThreatConnect Developer Github](https://github.com/ThreatConnect-Inc/threatconnect-developer-docs) 394 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 395 | - [ThreatConnect Support](https://training.threatconnect.com/support) 396 | - **[REDDIT COMMUNITY LINKS]** 397 | - [ThreatConnect Reddit](https://www.reddit.com/r/threatconnect/) 398 | - **[YOUTUBE LINKS]** 399 | - [ThreatConnect Youtube](https://www.youtube.com/channel/UCPyjrU8mqhsHl0EhB7ZIfgw) 400 | - **[TWITTER LINKS]** 401 | - [ThreatConnect Twitter](https://twitter.com/ThreatConnect) 402 | - **[LINKEDIN LINKS]** 403 | - [ThreatConnect LinkedIN](https://www.linkedin.com/company/threatconnect-inc/) 404 | - **[ONLINE CHAT GROUPS]** 405 | - [ThreatConnect Slack Channel](https://threatconnect.com/company/threatconnect-community/) 406 | - [ATAR](https://www.atarlabs.io/en/) - Now part of Micro Focus (ArcSight) 407 | - **[PRODUCT BLOG LINKS]** 408 | - [Atar Blog](https://www.atarlabs.io/en/blog) 409 | - **[WEBINAR LINKS]** 410 | - [Atar Resources](https://www.atarlabs.io/en/library) 411 | - **[CONFERENCE SLIDES LINKS]** 412 | - [Atar Youtube videos](https://www.youtube.com/results?search_query=atar+labs+conference) 413 | - **[FREE/TRIAL DOWNLOAD LINKS]** 414 | - Not Available 415 | - **[FREE LEARNING LINKS]** 416 | - [Atar Videos](https://www.atarlabs.io/en/media/videos) 417 | - **[PAID TRAINING LINKS]** 418 | - Not Available 419 | - **[DOCUMENTATION LINKS]** 420 | - Not Available 421 | - **[SUPPORT LINKS]** 422 | - Not Available 423 | - **[USER FORUM LINKS]** 424 | - Not Available 425 | - **[APP DEVELOPMENT LINKS]** 426 | - Not Available 427 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 428 | - Not Available 429 | - **[REDDIT COMMUNITY LINKS]** 430 | - Not Available 431 | - **[YOUTUBE LINKS]** 432 | - [Atar Youtube](https://twitter.com/atar_labs?lang=en) 433 | - **[TWITTER LINKS]** 434 | - [Atar Twitter](https://twitter.com/atar_labs?lang=en) 435 | - **[LINKEDIN LINKS]** 436 | - [Atar LinkedIN](https://www.linkedin.com/organization-guest/company/atarlabs) 437 | - **[ONLINE CHAT GROUPS]** 438 | - .Not Available 439 | - [Ayehu](https://ayehu.com/solutions/security-operations/) 440 | - **[PRODUCT BLOG LINKS]** 441 | - [Ayehu Blog](https://ayehu.com/it-process-automation-blog/) 442 | - **[WEBINAR LINKS]** 443 | - [Ayehu Webinars](https://ayehu.com/resources/resource-center/) 444 | - **[CONFERENCE SLIDES LINKS]** 445 | - [Ayehu Conference resources](https://ayehu.com/about-the-company/news/) 446 | - **[FREE/TRIAL DOWNLOAD LINKS]** 447 | - [Ayehu 30 day free trial](https://info.ayehu.com/download-free-30-day-trial-ng) 448 | - **[FREE LEARNING LINKS]** 449 | - [Ayehu Resource Center](https://ayehu.com/resources/resource-center/) 450 | - [Ayehu Free Training Courses](https://ayehu.com/resources/ayehu-automation-academy/#unique) 451 | - **[PAID TRAINING LINKS]** 452 | - [Ayehu paid Training Courses](https://ayehu.com/resources/ayehu-automation-academy/#unique) 453 | - **[DOCUMENTATION LINKS]** 454 | - [Ayehu Documentation](https://ayehu.com/resources/user-guides/) 455 | - **[SUPPORT LINKS]** 456 | - [Ayehu Support Portal](https://ayehu.com/resources/support-portal/) 457 | - **[USER FORUM LINKS]** 458 | - [Ayehu User Community](https://ayehu.com/resources/community/) 459 | - **[APP DEVELOPMENT LINKS]** 460 | - [Ayehu App development](https://github.com/Ayehu/custom-activities/blob/master/CONTRIBUTING.md) 461 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 462 | - [Ayehu Support Portal](https://ayehu.com/resources/support-portal/) 463 | - **[REDDIT COMMUNITY LINKS]** 464 | - Not Available 465 | - **[YOUTUBE LINKS]** 466 | - [Ayehu Youtube](https://www.youtube.com/user/ayehusoftware/videos) 467 | - **[TWITTER LINKS]** 468 | - [Ayehu Twitter](https://twitter.com/ayehu_eyeshare) 469 | - **[LINKEDIN LINKS]** 470 | - [Ayehu LinkedIN Group](https://www.linkedin.com/groups/4140672/) 471 | - **[ONLINE CHAT GROUPS]** 472 | - Not Available 473 | - [FortiSOAR](https://www.fortinet.com/products/fortisoar) - Previously called CyberSponse, Now part of Fortinet 474 | - **[PRODUCT BLOG LINKS]** 475 | - [FortiSOAR Blog](https://www.fortinet.com/blog) 476 | - **[WEBINAR LINKS]** 477 | - [Fortinet Webinar events](https://events.fortinet.com/) 478 | - **[CONFERENCE SLIDES LINKS]** 479 | - [Fortinet Conference events](https://events.fortinet.com/) 480 | - **[FREE/TRIAL DOWNLOAD LINKS]** 481 | - [Free 45 day Community Edition](https://www.fortinet.com/products/fortisoar/demo-fortisoar-community) 482 | - **[FREE LEARNING LINKS]** 483 | - [FortiSOAR Resources](https://www.fortinet.com/products/fortisoar#resources) 484 | - [FortiSOAR Youtube Videos](https://www.youtube.com/results?search_query=fortisoar+webinar) 485 | - **[PAID TRAINING LINKS]** 486 | - [FortiSOAR training](https://training.fortinet.com/) 487 | - **[DOCUMENTATION LINKS]** 488 | - [FortiSOAR Documentation](https://docs.fortinet.com/product/fortisoar/6.4) 489 | - **[SUPPORT LINKS]** 490 | - [FortiSOAR SUpport](https://support.fortinet.com/) 491 | - **[USER FORUM LINKS]** 492 | - [FortiSOAR Community](https://fusecommunity.fortinet.com/) 493 | - **[APP DEVELOPMENT LINKS]** 494 | - Not Available 495 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 496 | - [FortiSOAR SUpport](https://support.fortinet.com/) 497 | - **[REDDIT COMMUNITY LINKS]** 498 | - [Fortinet Reddit](https://www.reddit.com/r/fortinet) 499 | - **[YOUTUBE LINKS]** 500 | - [FortiSOAR Youtube](https://www.youtube.com/user/SecureNetworks) 501 | - **[TWITTER LINKS]** 502 | - [FortiSOAR Twitter](https://twitter.com/fortinet) 503 | - **[LINKEDIN LINKS]** 504 | - [FortiSOAR LinkedIN](https://www.linkedin.com/company/fortinet/) 505 | - **[ONLINE CHAT GROUPS]** 506 | - Not Available 507 | - [D3 SOAR](https://d3security.com/) 508 | - **[PRODUCT BLOG LINKS]** 509 | - [D3 SOAR Blog](https://d3security.com/resources/blog-posts/) 510 | - **[WEBINAR LINKS]** 511 | - [D3 Security](https://d3security.com/resources/webinars/) 512 | - **[CONFERENCE SLIDES LINKS]** 513 | - [D3 SOAR Conference resources](https://d3security.com/resources/) 514 | - **[FREE/TRIAL DOWNLOAD LINKS]** 515 | - Not Available 516 | - **[FREE LEARNING LINKS]** 517 | - [D3 SOAR resources](https://d3security.com/resources/) 518 | - **[PAID TRAINING LINKS]** 519 | - Not Available 520 | - **[DOCUMENTATION LINKS]** 521 | - [D3 Security Tech Docs](https://docs.d3security.com/) 522 | - **[SUPPORT LINKS]** 523 | - Not Available 524 | - **[USER FORUM LINKS]** 525 | - Not Available 526 | - **[APP DEVELOPMENT LINKS]** 527 | - Not Available 528 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 529 | - Not Available 530 | - **[REDDIT COMMUNITY LINKS]** 531 | - Not Available 532 | - **[YOUTUBE LINKS]** 533 | - [D3 Security Youtube](https://www.youtube.com/channel/UC3Oz29o72WV5bVIqmwOnQNQ) 534 | - **[TWITTER LINKS]** 535 | - [D3 Security Twitter](https://twitter.com/D3Security) 536 | - **[LINKEDIN LINKS]** 537 | - [D3 Security LinkedIN](https://www.linkedin.com/company/d3-security-management-systems) 538 | - **[ONLINE CHAT GROUPS]** 539 | - Not Available 540 | - [DFLabs IncMan SOAR](https://www.dflabs.com/platform/incman-soar/) 541 | - **[PRODUCT BLOG LINKS]** 542 | - [DFLabs Blog](https://www.dflabs.com/resources/blog/) 543 | - **[WEBINAR LINKS]** 544 | - [DFLabs Webinars](https://www.dflabs.com/resources/on-demand-webinars/) 545 | - **[CONFERENCE SLIDES LINKS]** 546 | - [DFLabs Conference](https://www.dflabs.com/resources/events/) 547 | - **[FREE/TRIAL DOWNLOAD LINKS]** 548 | - [DFLabs IncMan SOAR Community Edition](https://www.dflabs.com/incman-soar-community-edition/) 549 | - **[FREE LEARNING LINKS]** 550 | - Not Available 551 | - **[PAID TRAINING LINKS]** 552 | - Not Available 553 | - **[DOCUMENTATION LINKS]** 554 | - [DFLabs Community portal](https://community.dflabs.com/support/login) 555 | - **[SUPPORT LINKS]** 556 | - [DFLabs Support portal](https://community.dflabs.com/support/login) 557 | - **[USER FORUM LINKS]** 558 | - [DFLabs Community portal](https://community.dflabs.com/support/login) 559 | - **[APP DEVELOPMENT LINKS]** 560 | - Not Available 561 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 562 | - [DFLabs Community portal](https://community.dflabs.com/support/login) 563 | - **[REDDIT COMMUNITY LINKS]** 564 | - Not Available 565 | - **[YOUTUBE LINKS]** 566 | - [DFLabs Youtube](https://www.youtube.com/user/DFLabs) 567 | - **[TWITTER LINKS]** 568 | - [DFLabs Twitter](https://twitter.com/DFLabs) 569 | - **[LINKEDIN LINKS]** 570 | - [DFLabs LinkedIN](https://www.linkedin.com/company/dflabs) 571 | - **[ONLINE CHAT GROUPS]** 572 | - Not available 573 | - [Resolve SOAR](https://resolve.io/solutions/security-automation-and-orchestration) 574 | - **[PRODUCT BLOG LINKS]** 575 | - [Resolve SOAR Blog](https://resolve.io/blog) 576 | - **[WEBINAR LINKS]** 577 | - [Resolve SOAR Webinars](https://resolve.io/it-automation-resources) 578 | - **[CONFERENCE SLIDES LINKS]** 579 | - [Resolve SOAR Webinars](https://resolve.io/it-automation-resources) 580 | - **[FREE/TRIAL DOWNLOAD LINKS]** 581 | - Not available 582 | - **[FREE LEARNING LINKS]** 583 | - [Resolve SOAR Vimeo Videos](https://vimeo.com/resolveio) 584 | - **[PAID TRAINING LINKS]** 585 | - [Resolve Training](https://resolve.io/training) 586 | - **[DOCUMENTATION LINKS]** 587 | - Not available 588 | - **[SUPPORT LINKS]** 589 | - [Resolve SOAR Support portal](https://resolvesystems.force.com/Support/s/) 590 | - **[USER FORUM LINKS]** 591 | - Not available 592 | - **[APP DEVELOPMENT LINKS]** 593 | - Not available 594 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 595 | - [Resolve SOAR Support portal](https://resolvesystems.force.com/Support/s/) 596 | - **[REDDIT COMMUNITY LINKS]** 597 | - Not Available 598 | - **[YOUTUBE LINKS]** 599 | - [Resolve SOAR Vimeo](https://vimeo.com/resolveio) 600 | - **[TWITTER LINKS]** 601 | - [Resolve SOAR Twitter](https://twitter.com/ResolveSystems) 602 | - **[LINKEDIN LINKS]** 603 | - [Resolve SOAR LinkedIN](https://www.linkedin.com/company/resolvesystems/) 604 | - **[ONLINE CHAT GROUPS]** 605 | - Not Available 606 | - [ServiceNow SecOps](https://www.servicenow.com/products/security-operations.html) 607 | - **[PRODUCT BLOG LINKS]** 608 | - [ServiceNow Blog](https://blogs.servicenow.com/) 609 | - **[WEBINAR LINKS]** 610 | - [ServiceNow Secops Webinars](https://www.servicenow.com/events.html#servicenow%25products/security-operations) 611 | - **[CONFERENCE SLIDES LINKS]** 612 | - [ServiceNow Knowledge](https://knowledge.servicenow.com/) 613 | - **[FREE/TRIAL DOWNLOAD LINKS]** 614 | - Not Available 615 | - **[FREE LEARNING LINKS]** 616 | - Not Available 617 | - **[PAID TRAINING LINKS]** 618 | - [ServiceNow SecOps Paid Training](https://www.servicenow.com/services/training-and-certification/security-operations.html) 619 | - **[DOCUMENTATION LINKS]** 620 | - [ServiceNow SecOps Documentation](https://docs.servicenow.com/bundle/madrid-security-management/page/product/planning-and-policy/concept/c_SecurityManagement.html) 621 | - **[SUPPORT LINKS]** 622 | - [ServiceNow Support](https://www.servicenow.com/support/contact-support.html) 623 | - **[USER FORUM LINKS]** 624 | - [ServiceNow Secops User Forum](https://community.servicenow.com/community?id=community_forum&sys_id=be299a2ddbd897c068c1fb651f9619bb) 625 | - **[APP DEVELOPMENT LINKS]** 626 | - [ServiceNow Secops integration](https://docs.servicenow.com/bundle/istanbul-security-management/page/product/security-operations-integrations/concept/c_IntegrationWritingGuidelines.html) 627 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 628 | - [ServiceNow Support](https://www.servicenow.com/support/contact-support.html) 629 | - **[REDDIT COMMUNITY LINKS]** 630 | - [ServiceNow Reddit Community](https://www.reddit.com/r/servicenow/) 631 | - **[YOUTUBE LINKS]** 632 | - [ServiceNow Youtube](https://www.youtube.com/user/servicenowinc) 633 | - **[TWITTER LINKS]** 634 | - [ServiceNow Twitter](https://twitter.com/servicenow) 635 | - **[LINKEDIN LINKS]** 636 | - [ServiceNow LinkedIN](https://www.linkedin.com/company/servicenow) 637 | - **[ONLINE CHAT GROUPS]** 638 | - Not Available 639 | - [SIRP SOAR](https://www.sirp.io/overview/) 640 | - **[PRODUCT BLOG LINKS]** 641 | - [SIRP Blog](https://www.sirp.io/blog/) 642 | - **[WEBINAR LINKS]** 643 | - [SIRP Webinars](https://www.sirp.io/resources/) 644 | - **[CONFERENCE SLIDES LINKS]** 645 | - [SIRP Webinars](https://www.sirp.io/resources/) 646 | - **[FREE/TRIAL DOWNLOAD LINKS]** 647 | - .Not Available.. 648 | - **[FREE LEARNING LINKS]** 649 | - Not Available 650 | - **[PAID TRAINING LINKS]** 651 | - Not Available 652 | - **[DOCUMENTATION LINKS]** 653 | - Not Available 654 | - **[SUPPORT LINKS]** 655 | - Not Available 656 | - **[USER FORUM LINKS]** 657 | - Not Available 658 | - **[APP DEVELOPMENT LINKS]** 659 | - Not Available 660 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 661 | - Not Available 662 | - **[REDDIT COMMUNITY LINKS]** 663 | - Not Available 664 | - **[YOUTUBE LINKS]** 665 | - [SIRP Youtube](https://www.youtube.com/channel/UCsfVsg-908RA34StmRKfR6Q) 666 | - **[TWITTER LINKS]** 667 | - [SIRP Twitter](https://twitter.com/sirp_io) 668 | - **[LINKEDIN LINKS]** 669 | - [SIRP LinkedIN](http://linkedin.com/company/13684515) 670 | - **[ONLINE CHAT GROUPS]** 671 | - Not Available 672 | - [Tines](https://tines.io) 673 | - **[PRODUCT BLOG LINKS]** 674 | - [Tines Blog](https://www.tines.io/blog/) 675 | - **[WEBINAR LINKS]** 676 | - Not Available 677 | - **[CONFERENCE SLIDES LINKS]** 678 | - Not Available 679 | - **[FREE/TRIAL DOWNLOAD LINKS]** 680 | - [Tines - Free Community Edition](https://www.tines.io/pricing) 681 | - **[FREE LEARNING LINKS]** 682 | - Not Available 683 | - **[PAID TRAINING LINKS]** 684 | - Not Available 685 | - **[DOCUMENTATION LINKS]** 686 | - [Tines Docs](https://docs.tines.io/) 687 | - **[SUPPORT LINKS]** 688 | - Not Available 689 | - **[USER FORUM LINKS]** 690 | - Not Available 691 | - **[APP DEVELOPMENT LINKS]** 692 | - Not Available 693 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 694 | - Not Available 695 | - **[REDDIT COMMUNITY LINKS]** 696 | - [Tines Reddit Account](https://www.reddit.com/user/tinesio/) 697 | - **[YOUTUBE LINKS]** 698 | - [Tines Youtube](https://www.youtube.com/channel/UC9b5oEph_6q6p1NV3FrTQIA) 699 | - **[TWITTER LINKS]** 700 | - [@tines_io](https://twitter.com/tines_io) 701 | - **[LINKEDIN LINKS]** 702 | - [Tines LinkedIn](http://linkedin.com/company/tines-io) 703 | - **[ONLINE CHAT GROUPS]** 704 | - Not Available 705 | 706 | ## SIEM-with-SOAR-Included 707 | - [Microsoft Azure Sentinel](https://azure.microsoft.com/en-us/services/azure-sentinel/) - Logic Apps used as SOAR Functionality 708 | - **[PRODUCT BLOG LINKS]** 709 | - [Product Blog](https://aka.ms/azuresentinelblog) 710 | - **[WEBINAR LINKS]** 711 | - [Security Webinars List](https://aka.ms/SecurityWebinars) 712 | - **[CONFERENCE SLIDES LINKS]** 713 | - [Ignite 2019 Recap](https://techcommunity.microsoft.com/t5/azure-sentinel/azure-sentinel-microsoft-ignite-2019-recap/ba-p/1006017) 714 | - **[FREE/TRIAL DOWNLOAD LINKS]** 715 | - [Free Trial on Azure Cloud](https://portal.azure.com/) 716 | - **[FREE LEARNING LINKS]** 717 | - [Azure Sentinel Ninja](https://aka.ms/SentinelNinjaTraining) 718 | - **[PAID TRAINING LINKS]** 719 | - Not Available 720 | - **[DOCUMENTATION LINKS]** 721 | - [Azure Documentation](https://aka.ms/asi_documentation) 722 | - **[SUPPORT LINKS]** 723 | - [Azure Support](https://aka.ms/AzureSentinelMicrosoft) 724 | - **[USER FORUM LINKS]** 725 | - [Azure Sentinel User forum](https://aka.ms/AzureSentinelCommunity) 726 | - **[APP DEVELOPMENT LINKS]** 727 | - [Github Repository](https://github.com/Azure/Azure-Sentinel) 728 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 729 | - [Azure Sentinel Product Feedback](https://feedback.azure.com/forums/920458-azure-sentinel) 730 | - **[REDDIT COMMUNITY LINKS]** 731 | - [Azure Sentinel Reddit](https://aka.ms/AzureSentinelReddit) 732 | - **[YOUTUBE LINKS]** 733 | - [Azure Sentinel Youtube](https://www.youtube.com/channel/UCGTUbqE3SJiLgtvWjIkSQuQ) 734 | - **[TWITTER LINKS]** 735 | - [Azure Sentinel Twitter](https://aka.ms/AzureSentinelTwitter) 736 | - **[LINKEDIN LINKS]** 737 | - [Azure Sentinel LinkedIN](https://aka.ms/AzureSentinelLinkedIn) 738 | - **[ONLINE CHAT GROUPS]** 739 | - [Azure Sentinel Telegram group](https://t.me/AzureSentinelSIEM) 740 | - [Azure Sentinel Telegram Feed group](https://t.me/AzureSentinelSIEMFEED) 741 | - [Securonix SOAR](https://www.securonix.com/products/security-orchestration-automation-and-response/) 742 | - **[PRODUCT BLOG LINKS]** 743 | - [Securonix Blog](https://www.securonix.com/blog/) 744 | - **[WEBINAR LINKS]** 745 | - [Securonix Webinars](https://www.securonix.com/resource-type/webinars/) 746 | - **[CONFERENCE SLIDES LINKS]** 747 | - [Securonix Conference Videos on Youtube](https://www.youtube.com/results?search_query=securonix+conference) 748 | - **[FREE/TRIAL DOWNLOAD LINKS]** 749 | - Not Available 750 | - **[FREE LEARNING LINKS]** 751 | - Not Available 752 | - **[PAID TRAINING LINKS]** 753 | - [Securonix Paid Training](https://www.securonix.com/services/training/) 754 | - **[DOCUMENTATION LINKS]** 755 | - [Securonix Documentation](https://documentation.securonix.com/onlinedoc/Content/Cloud/Content/Apps%20and%20Add%20ons/Securonix%20SOAR/On-Prem%20Guide/Securonix%20SOAR%20Overview.htm) 756 | - **[SUPPORT LINKS]** 757 | - [Securonix Support](http://support.securonix.com/support/login) 758 | - **[USER FORUM LINKS]** 759 | - [Securonix User Forum](https://securonixsupport.freshdesk.com/support/login) 760 | - **[APP DEVELOPMENT LINKS]** 761 | - [Securonix SOAR App Development](https://documentation.securonix.com/onlinedoc/Content/Cloud/Content/Custom%20Apps/Custom%20Functions.htm) 762 | - [Securonix Apps on Github](https://github.com/Securonix/CustomProcessor) 763 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 764 | - [Securonix Feature Requests](https://securonixsupport.freshdesk.com/support/login) 765 | - **[REDDIT COMMUNITY LINKS]** 766 | - [Securonix on Reddit](https://www.reddit.com/user/securonix/) 767 | - **[YOUTUBE LINKS]** 768 | - [Securonix on Youtube](https://www.youtube.com/channel/UCN3f7HTfuAlbbfy3RCQcd8w) 769 | - **[TWITTER LINKS]** 770 | - [Securonix on Twitter](https://twitter.com/Securonix) 771 | - **[LINKEDIN LINKS]** 772 | - [Securonix LinkedIN](https://in.linkedin.com/company/securonix) 773 | - **[ONLINE CHAT GROUPS]** 774 | - Not Available 775 | - [LogRhythm SOAR](https://logrhythm.com/solutions/security/security-automation-and-orchestration/) 776 | - **[PRODUCT BLOG LINKS]** 777 | - [LogRhythm Blog](https://logrhythm.com/blog/) 778 | - **[WEBINAR LINKS]** 779 | - [LogRhythm Webinars](https://logrhythm.com/webcasts/) 780 | - **[CONFERENCE SLIDES LINKS]** 781 | - [LogRhythm Conference Videos on Youtube](https://www.youtube.com/c/Logrhythm/search?query=rhythmworld) 782 | - **[FREE/TRIAL DOWNLOAD LINKS]** 783 | - [Available Only For Network Monitors](https://logrhythm.com/products/logrhythm-netmon-freemium/) 784 | - **[FREE LEARNING LINKS]** 785 | - [Free Training Videos](https://community.logrhythm.com/t5/Videos/ct-p/Webinars#TrainingBytes) 786 | - **[PAID TRAINING LINKS]** 787 | - [LogRhythm Paid Training](https://logrhythm.com/services/training/logrhythm-training/) 788 | - **[DOCUMENTATION LINKS]** 789 | - [LogRhythm Documentation](https://onlinehelp74.logrhythm.com/|https://onlinehelp73.logrhythm.com/|https://onlinehelp72.logrhythm.com/) 790 | - **[SUPPORT LINKS]** 791 | - [LogRhythm Support](https://logrhythm.com/services/global-support-services/) 792 | - **[USER FORUM LINKS]** 793 | - [LogRhythm User Forum](https://logrhythmcommunity.force.com/) 794 | - **[APP DEVELOPMENT LINKS]** 795 | - [LogRhythm Apps on Github](https://github.com/LogRhythm-Labs) 796 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 797 | - [LogRhythm Feature Requests](https://logrhythmcommunity.force.com/) 798 | - **[REDDIT COMMUNITY LINKS]** 799 | - [LogRhythm on Reddit](https://www.reddit.com/r/LogRhythm/) 800 | - **[YOUTUBE LINKS]** 801 | - [LogRhythm on Youtube](https://www.youtube.com/user/LogRhythmInc) 802 | - **[TWITTER LINKS]** 803 | - [LogRhythm on Twitter](https://twitter.com/LogRhythm?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) 804 | - **[LINKEDIN LINKS]** 805 | - [LogRhythm LinkedIN](https://www.linkedin.com/company/logrhythm/) 806 | - **[ONLINE CHAT GROUPS]** 807 | - [LogRhythm Telegram group](https://t.me/LogRhythmSIEM) 808 | - [RSA NetWitness Orchestrator](https://www.rsa.com/en-us/products/threat-detection-response/security-automation-orchestration/) - Based off Demisto or ThreatConnect 809 | - **[PRODUCT BLOG LINKS]** 810 | - [RSA NetWitness Orchestrator Blog](https://www.rsa.com/en-us/blog) 811 | - **[WEBINAR LINKS]** 812 | - [RSA NetWitness Orchestrator Webinars](https://www.rsa.com/en-us/company/webinars) 813 | - **[CONFERENCE SLIDES LINKS]** 814 | - [RSA Conference presentations](https://community.rsa.com/community/charge) 815 | - **[FREE/TRIAL DOWNLOAD LINKS]** 816 | - Not Available 817 | - **[FREE LEARNING LINKS]** 818 | - [RSA Netwitness Orchestrator Training](https://community.rsa.com/docs/DOC-93857) 819 | - **[PAID TRAINING LINKS]** 820 | - [RSA Netwitness Orchestrator Training](https://community.rsa.com/community/training/netwitness) 821 | - **[DOCUMENTATION LINKS]** 822 | - [RSA NetWitness Orchestrator Documentation](https://community.rsa.com/community/products/netwitness/orchestrator) 823 | - **[SUPPORT LINKS]** 824 | - [RSA Support](https://community.rsa.com/community/support) 825 | - **[USER FORUM LINKS]** 826 | - [RSA Support](https://community.rsa.com/community/support) 827 | - **[APP DEVELOPMENT LINKS]** 828 | - Not Available - See ThreatConnect and Demisto for development 829 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 830 | - [RSA Support](https://community.rsa.com/community/support) 831 | - **[REDDIT COMMUNITY LINKS]** 832 | - Not Available 833 | - **[YOUTUBE LINKS]** 834 | - [RSA Youtube](https://www.youtube.com/user/SecuredByRSA) 835 | - **[TWITTER LINKS]** 836 | - [RSA Twitter](https://twitter.com/RSAsecurity) 837 | - **[LINKEDIN LINKS]** 838 | - [RSA Linkedin](https://www.linkedin.com/company/rsa-the-security-division-of-dell-technologies/) 839 | - **[ONLINE CHAT GROUPS]** 840 | - Not Available 841 | 842 | ## Open-Source 843 | - [TheHive](https://thehive-project.org) 844 | - **[PRODUCT BLOG LINKS]** 845 | - [TheHive Product Blog](https://blog.thehive-project.org/) 846 | - **[WEBINAR LINKS]** 847 | - [TheHive Youtube Videos](https://www.youtube.com/results?search_query=thehive+cortex) 848 | - **[CONFERENCE SLIDES LINKS]** 849 | - [TheHive Conference Youtube Videos](https://www.youtube.com/results?search_query=thehive+cortex+conference) 850 | - **[FREE/TRIAL DOWNLOAD LINKS]** 851 | - [TheHive is Open Source Software and completely free to download](https://github.com/TheHive-Project/TheHive) 852 | - **[FREE LEARNING LINKS]** 853 | - [Free Training Material](https://github.com/TheHive-Project/TheHiveDocs/blob/master/training-material.md) 854 | - **[PAID TRAINING LINKS]** 855 | - Not Available 856 | - **[DOCUMENTATION LINKS]** 857 | - [TheHive Documentation](https://github.com/TheHive-Project/TheHiveDocs) 858 | - **[SUPPORT LINKS]** 859 | - [Log issue at Github](https://github.com/TheHive-Project/TheHive/issues) 860 | - **[USER FORUM LINKS]** 861 | - [Google Groups for User](https://groups.google.com/a/thehive-project.org/d/forum/users) 862 | - **[APP DEVELOPMENT LINKS]** 863 | - [How to write analyzers](https://github.com/TheHive-Project/CortexDocs/blob/master/api/how-to-create-an-analyzer.md) 864 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 865 | - [Create feature requests are made on github issues](https://github.com/TheHive-Project/TheHive/issues) 866 | - **[REDDIT COMMUNITY LINKS]** 867 | - Not Available 868 | - **[YOUTUBE LINKS]** 869 | - Not Available 870 | - **[TWITTER LINKS]** 871 | - [TheHive Twitter Account](https://twitter.com/thehive_project) 872 | - **[LINKEDIN LINKS]** 873 | - Not Available 874 | - **[ONLINE CHAT GROUPS]** 875 | - [TheHive Gitter](https://gitter.im/TheHive-Project/TheHive) 876 | - [Shuffle](https://shuffler.io/) 877 | - **[PRODUCT BLOG LINKS]** 878 | - [Creator Medium Blog](https://medium.com/@Frikkylikeme) 879 | - **[WEBINAR LINKS]** 880 | - Not Available 881 | - **[CONFERENCE SLIDES LINKS]** 882 | - Not Available 883 | - **[FREE/TRIAL DOWNLOAD LINKS]** 884 | - [Open Source on-prem edition](https://github.com/frikky/shuffle) 885 | - [Free On-Cloud version](https://shuffler.io/register) 886 | - **[FREE LEARNING LINKS]** 887 | - [Introduction blog](https://medium.com/security-operation-capybara/introducing-shuffle-an-open-source-soar-platform-part-1-58a529de7d12) 888 | - **[PAID TRAINING LINKS]** 889 | - Not Available 890 | - **[DOCUMENTATION LINKS]** 891 | - [Shuffle Documentation](https://shuffler.io/docs) 892 | - **[SUPPORT LINKS]** 893 | - [Contact information](https://shuffler.io/contact) 894 | - **[USER FORUM LINKS]** 895 | - Not Available 896 | - **[APP DEVELOPMENT LINKS]** 897 | - [Create App from Scratch](https://shuffler.io/apps/new) 898 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 899 | - [Create issue on github](https://github.com/frikky/shuffle) 900 | - **[REDDIT COMMUNITY LINKS]** 901 | - [Shuffle Introduction](https://www.reddit.com/r/netsec/comments/gnpn1t/introducing_shuffle_an_open_source_soar_platform/) 902 | - **[YOUTUBE LINKS]** 903 | - Not Available 904 | - **[TWITTER LINKS]** 905 | - [Shuffle Creator Twitter](https://twitter.com/Frikkylikeme) 906 | - **[LINKEDIN LINKS]** 907 | - Not Available 908 | - **[ONLINE CHAT GROUPS]** 909 | - [Online Gitter Chat](https://gitter.im/Shuffle-SOAR/community) 910 | - [WALKOFF](https://nsacyber.github.io/WALKOFF/) 911 | - **[PRODUCT BLOG LINKS]** 912 | - Not Available 913 | - **[WEBINAR LINKS]** 914 | - Not Available 915 | - **[CONFERENCE SLIDES LINKS]** 916 | - [WALKOFF CONFERENCE SLIDES](https://github.com/nsacyber/WALKOFF/tree/master/1.%20AVENGER_CON_WORKSHOP) 917 | - **[FREE/TRIAL DOWNLOAD LINKS]** 918 | - [WALKOFF Open Source Github Repository](https://github.com/nsacyber/WALKOFF) 919 | - **[FREE LEARNING LINKS]** 920 | - [WALKOFF Toturials](https://nsacyber.github.io/WALKOFF/tutorials/build/index.html) 921 | - **[PAID TRAINING LINKS]** 922 | - Not Available 923 | - **[DOCUMENTATION LINKS]** 924 | - [WALKOFF DOCUMENTATION](https://walkoff.readthedocs.io/en/latest/) 925 | - [WALKOFF DOCUMENTATION on Github](https://nsacyber.github.io/WALKOFF/documentation/build/index.html) 926 | - **[SUPPORT LINKS]** 927 | - [E-Mail WALKFOFF Support](walkoff@nsa.gov) 928 | - **[USER FORUM LINKS]** 929 | - Not Available 930 | - **[APP DEVELOPMENT LINKS]** 931 | - [APP DEVELOPMENT INSTRUCTIONS](https://walkoff.readthedocs.io/en/latest/apps.html) 932 | - **[REQUEST FOR ENHANCEMENTS LINKS]** 933 | - [Create issue on Github](https://github.com/nsacyber/WALKOFF) 934 | - **[REDDIT COMMUNITY LINKS]** 935 | - Not Available 936 | - **[YOUTUBE LINKS]** 937 | - Not Available 938 | - **[TWITTER LINKS]** 939 | - Not Available 940 | - **[LINKEDIN LINKS]** 941 | - Not Available 942 | - **[ONLINE CHAT GROUPS]** 943 | - Not Available 944 | - [catalyst](https://github.com/SecurityBrewery/catalyst) 945 | --------------------------------------------------------------------------------