An incident response tool currently in beta, GRR is for those times when you think your network might be compromised. Consisting of a server and an agent, with live forensics, GRR can be used to find an attack, contain it, assess its magnitude and severity, and corral the attacker before your network is completely wrecked.
The client agent runs on Windows, OS X, and Linux platforms, supporting raw disk and raw memory grabs, searching and downloading, and the ability to control agents en masse to search and compare files, regex values, and so on against forensic artifacts.
Designed to be enterprise scalable, GRR aims to make anything that can be done on one client as easy to do on thousands. When trouble strikes, you marshal your army of agents for the hunt.
The server provides a Web UI with IPython console access, basic system timelining, a basic reporting infrastructure, detailed monitoring of client processes, CPU, memory, and IO, with a scalable back end for larger deployments.
-- Victor R. Garza