What is SCOT?
SCOT is an Incident Response collaboration and knowledge capture tool focused on flexibility and ease of use. Our goal is to add value to the incident response process without burdening the user.SCOT was developed at Sandia National Laboratories by and for the Incident Response team over a period of several years. We’re making SCOT open source to try and help out the rest of the computer security community.
Why use SCOT?
SCOT was developed by incident responders for incident responders to make our jobs easier.
- Free text HTML (no hunting for the right field)
- Designed for Cyber Security data
- Instant updates keep the team in sync
- Automated detection/correlation of IPs, Email addresses, Domains and Hashes
- Integrated offline GeoIP databases
- Alert collection and standardization
- Plugin infrastructure for automation
- And much more
SCOT is now available on GitHub at the link below. Please see our documentation on ReadTheDocs for Install and usage instructions.