ScopeScribe

ScopeScribe is a web app (with an optional desktop agent) for incident responders who waste hours turning scattered evidence into a defensible incident scope. It ingests logs, alerts, and notes from common sources (SIEM exports, EDR timelines, email headers, firewall logs) and builds a time-ordered incident narrative, an asset list, and a “known/unknown” scope map. It combines traditional and AI components: traditional pipelines normalize and correlate events; AI helps summarize, extract entities (users, hosts, IPs), and draft stakeholder-ready updates. The product focuses on the unglamorous middle of IR—triage-to-scope—where teams get stuck, over-notify, or miss impacted systems. Outputs are exportable as a case packet (PDF/JSON) with citations back to raw evidence, so responders can defend decisions during audits, insurance claims, or postmortems.
