{"id":23140987,"url":"https://github.com/securitybrewery/catalyst","last_synced_at":"2025-04-06T06:12:38.919Z","repository":{"id":37038562,"uuid":"437681627","full_name":"SecurityBrewery/catalyst","owner":"SecurityBrewery","description":"Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes","archived":false,"fork":false,"pushed_at":"2024-04-19T12:22:01.000Z","size":7956,"stargazers_count":268,"open_issues_count":11,"forks_count":32,"subscribers_count":5,"default_branch":"main","last_synced_at":"2024-04-19T13:39:30.444Z","etag":null,"topics":["dfir","digital-forensics","incident-response","soar"],"latest_commit_sha":null,"homepage":"https://catalyst-soar.com","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SecurityBrewery.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2021-12-12T23:37:50.000Z","updated_at":"2024-04-19T13:39:37.543Z","dependencies_parsed_at":"2024-01-13T11:12:48.283Z","dependency_job_id":"2acf6da9-e19d-4370-a064-7421bab85e54","html_url":"https://github.com/SecurityBrewery/catalyst","commit_stats":null,"previous_names":[],"tags_count":41,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SecurityBrewery%2Fcatalyst","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SecurityBrewery%2Fcatalyst/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SecurityBrewery%2Fcatalyst/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SecurityBrewery%2Fcatalyst/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SecurityBrewery","download_url":"https://codeload.github.com/SecurityBrewery/catalyst/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247441059,"owners_count":20939239,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dfir","digital-forensics","incident-response","soar"],"created_at":"2024-12-17T14:12:09.711Z","updated_at":"2025-04-06T06:12:38.897Z","avatar_url":"https://github.com/SecurityBrewery.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n  \u003cpicture\u003e\n    \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"ui/src/assets/flask_white.svg\"\u003e\n    \u003cimg width=\"30\" alt=\"Shows an illustrated sun in light color mode and a moon with stars in dark color mode.\" src=\"ui/src/assets/flask.svg\"\u003e\n  \u003c/picture\u003e\n  Catalyst\u003c/h1\u003e\n\u003ch3 align=\"center\"\u003eSpeed up your reactions\u003c/h3\u003e\n\u003ch4 align=\"center\"\u003e\n\u003ca href=\"https://catalyst.security-brewery.com/\"\u003eWebsite\u003c/a\u003e\n- \n\u003ca href=\"https://catalyst.security-brewery.com/docs/category/catalyst-handbook\"\u003eThe Catalyst Handbook (Documentation)\u003c/a\u003e\n-\n\u003ca href=\"https://try.catalyst.security-brewery.com/\"\u003eDemo\u003c/a\u003e\n\u003c/h4\u003e\n\n\nCatalyst is an incident response platform.\nIt can help to automate your alert handling and incident response procedures.\n\n## Features\n\n### Ticket (Alert \u0026 Incident) Management\n\nTickets are the core of Catalyst.\nThey represent alerts, incidents, forensics investigations,\nthreat hunts or any other event you want to handle in your organisation.\n\n\u003ccenter\u003e\n    \u003ca href=\"/docs/screenshots/ticket.png\"\u003e\n      \u003cimg alt=\"Screenshot of a ticket\" src=\"/docs/screenshots/ticket.png\" /\u003e\n    \u003c/a\u003e\n\u003c/center\u003e\n\n### Tasks\n\nTasks are the smallest unit of work in Catalyst. They can be assigned to users and have a status.\nTasks can be used to document the progress of an investigation or to assign work to different users.\n\n\u003ccenter\u003e\n    \u003ca href=\"/docs/screenshots/tasks.png\"\u003e\n      \u003cimg alt=\"Screenshot of the tasks part of a ticket\" src=\"/docs/screenshots/tasks.png\" /\u003e\n    \u003c/a\u003e\n\u003c/center\u003e\n\n### Reactions\n\nReactions are a way to automate Catalyst.\nEach reaction is composed of a trigger and an action.\nThe trigger listens for events and the action is executed when the trigger is activated.\nThere are triggers for HTTP/Webhooks and Collection Hooks and actions for Python and HTTP/Webhooks.\n\n\u003ccenter\u003e\n    \u003ca href=\"/docs/screenshots/reactions.png\"\u003e\n      \u003cimg alt=\"Screenshot of the reactions\" src=\"/docs/screenshots/reactions.png\" /\u003e\n    \u003c/a\u003e\n\u003c/center\u003e\n\n### Timelines\n\nTimelines are used to document the progress of an investigation.\nThey can be used to document the steps taken during an investigation, the findings or the results of the investigation.\n\n### Dashboards\n\nCatalyst comes with a dashboard that presents the most important information at a glance.\n\n\u003ccenter\u003e\n    \u003ca href=\"/docs/screenshots/dashboard.png\"\u003e\n        \u003cimg alt=\"Screenshot of the dashboard\" src=\"/docs/screenshots/dashboard.png\" /\u003e\n    \u003c/a\u003e\n\u003c/center\u003e\n\n### Ticket Types\n\nTemplates define the custom information for tickets.\nThe core information for tickets like title, creation date or closing status is kept quite minimal\nand other information like criticality, description or MITRE ATT\u0026CK information can be added individually.\n\n### Custom Fields\n\nCustom fields can be added to tickets to store additional information.\nThey can be used to store information like the affected system, the attacker's IP address or the type of malware.\nCustom fields can be added to ticket types and are then available for all tickets of this type.\n\n### More\n\nCatalyst supports a lot more features like: Links, Files, or Comments on tickets.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecuritybrewery%2Fcatalyst","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsecuritybrewery%2Fcatalyst","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsecuritybrewery%2Fcatalyst/lists"}