ThreatResponse Suite

AWS_IR CLI

AWS_IR automates your incident response with zero security preparedness assumptions. It can handle key and host compromises and collects all pertinent data in an S3 bucket along with the ThreatResponse Web workstation.

Read the Docs

Incident Pony™

Incident Pony is a first of its kind case management and Incident Response orchestration tool specifically designed for AWS. By wrapping our open source tools in a web front-end we've made it even easier to manage incidents in your cloud.

Learn More

Margarita Shotgun

Command line utility that works with or without Amazon EC2 instances to parallelize remote memory acquisition.

  1. Load the appropriate module from the ThreatResponse kernel module warehouse
  2. Acquire the memory by streaming to an S3 bucket using multi-part upload over ssh
Read the Docs

The Team

Andrew Krug

Creator ThreatResponse

@andrewkrug

Alex McCormack

Creator ThreatResponse

@amccormack

Joel Ferrier

Creator Margarita Shotgun

@joelferrier

Jeff Parr

Full Stack Engineer

@jparr

Join Us!

Become a contributor today!

Subscribe to our mailing list

* indicates required
Email Format

Supported By