Velociraptor

Velociraptor is an endpoint visibility and digital forensics platform designed for scalable incident response and hunting across large fleets. It includes a query language and artifact repository that let analysts collect forensic artifacts, run live queries, and automate triage workflows. Velociraptor supports real-time monitoring as well as historical analysis, enabling swift detection and response to threats. The project integrates with SIEMs and other logging systems to centralize findings and support investigations. It is suited for SOCs and DFIR teams seeking a powerful, scriptable endpoint toolset.

Details

Deployment mode

Cloud, SaaS, web-based

Desktop Linux

Desktop Mac

Desktop Windows

On-premise Linux

Organisation

Recommended by NERO

This organisation collects external/opensource solutions and training resources collected and validated by NERO partners.

Training and support

Free trial available:

Available trainings

Ratings & reviews

This solution has not been reviewed yet.