BreachBrief

BreachBrief is a web app (with optional Slack/Teams integration) that helps small-to-mid security teams run incident response without enterprise bloat. It ingests alerts and artifacts (SIEM exports, EDR notes, emails, chat logs, ticket updates) and builds a single incident workspace: a time-ordered timeline, evidence locker, task board, and stakeholder-ready status updates. An AI assistant drafts incident summaries, suggests next steps based on common playbooks (ransomware, BEC, credential stuffing), and highlights missing evidence (e.g., “no endpoint isolation confirmation,” “no log coverage for VPN”). The app focuses on speed and defensibility: every action is timestamped, sources are linked, and reports export to PDF/Word with chain-of-custody notes. It’s not trying to replace your SIEM/EDR—just the chaotic spreadsheets, docs, and ad-hoc war-room notes that make post-incident reporting painful.
