Overview

The Colander web platform is a case and incident response management platform that integrates seamlessly with the hardware and software components. Colander provides a centralized hub for managing investigations, streamlining workflows, and enabling effective collaboration among team members.

  • Knowledge management: Colander facilitates the organization and sharing of investigative knowledge, ensuring that insights are readily available to team members, promoting collaboration and efficiency.

  • Artifact management: Colander streamlines the handling and preservation of digital evidence, maintaining chain of custody and ensuring admissibility in legal proceedings.

Key features

  • Organize knowledge in different cases
  • Invite team members to collaborate on your cases
  • Represent the real world with generic entities such as artifact, actor, observable, event and more
  • Graph knowledge using the web graph editor
  • Write documentation at any time
  • Import intelligence from third-party services such as VirusTotal or OTX Alien Vault via Threatr
  • Collect and sign artifacts directly from your PiRogue
  • Analyze decrypted network traffic and payloads
  • Decode network payloads with CyberChef
  • Apply YARA rules directly on the network traffic
  • Ensure artifact integrity and authenticity
  • Generate a comprehensive data transmission report
  • Create feeds to export your findings in different formats

Installation

The deployment procedure is described on GitHub.