companion tool

About this tag
The companion tool tag on WindowsForum.com covers the CISA Hunt and Incident Response Program (CHIRP) tool, a forensics collection utility designed to help network defenders detect indicators of compromise. Content focuses on post-compromise threat activity, including advanced persistent threat (APT) compromises such as the SolarWinds Orion incident and related Microsoft 365/Azure environment intrusions. Discussions emphasize using CHIRP for IOC detection, incident response, and forensic analysis in enterprise IT and security contexts.
  1. News

    VIDEO AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool

    Original release date: March 18, 2021. Summary: This Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP is a forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with activity detailed in the following...