You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
companion tool
About this tag
The companion tool tag on WindowsForum.com covers the CISA Hunt and Incident Response Program (CHIRP) tool, a forensics collection utility designed to help network defenders detect indicators of compromise. Content focuses on post-compromise threat activity, including advanced persistent threat (APT) compromises such as the SolarWinds Orion incident and related Microsoft 365/Azure environment intrusions. Discussions emphasize using CHIRP for IOC detection, incident response, and forensic analysis in enterprise IT and security contexts.
Original release date: March 18, 2021
Summary
This Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP is a forensics collection tool that CISA developed to help network defenders find indicators of compromise (IOCs) associated with activity detailed in the following...