We have hosted the application incident response automation in order to run this application in our online workstations with Wine or directly.
Quick description about incident response automation:
This tool simulates automated defensive actions, such as blocking an IP address on a firewall, in response to detected threats.Quick Start
To use this tool, run the responder:
# Block an IP address
python lab_runner.py incident-response --ip 10.10.10.xxx --reason "Malicious Activity Detected" .
Features:
- Automated Response: Appends "BLOCK" rules to a simulated firewall configuration file (firewall_rules.txt)
- Audit Logging: Logs the time, action, and reason for every response
Audience: End Users/Desktop, System Administrators, Testers.
Categories:
©2024. Winfy. All Rights Reserved.
By OD Group OU – Registry code: 1609791 -VAT number: EE102345621.