True Positive is a collaborative, web-based case management tool for organizing information about security investigations. It's open source; find it on GitHub.
You may like True Positive if:
- You're using Jira, SharePoint, Google Docs, or a service desk tool for managing your security-related cases, and are looking for a more suitable tool.
- You've checked out TheHive, RTIR, or other existing case management tools and found that they don't meet all your needs.
- You're a hobbyist who likes experimenting with new DFIR tools.
- You work at an internal detection/response team, a SOC, a MSSP, or an incident response firm.