September 27, 2023 By Abraham Cueto Molina

Incident response teams are stretched thin, and the threats are only intensifying. But new tools are helping bridge the gap for cybersecurity pros in Latin America.

The IBM Security X-Force Threat Intelligence Index 2023 found that 12% of the security incidents X-Force responded to were in Latin America. In comparison, 31% were in the Asia-Pacific, followed by Europe with 28%, North America with 25% and the Middle East with 4%. Within Latin America, Brazil accounted for 67% of the incidents that X-Force responded to, followed by Colombia with 17% and Mexico with 8%. Peru and Chile split the remaining 8% of incidents.

In the face of rising incident volumes, the cybersecurity professional shortage is still a serious issue. According to the (ISC)2 Cybersecurity Workforce Study 2022, 3.4 million trained cybersecurity professionals are needed worldwide to deal with all of the cybersecurity attacks and help organizations minimize the impact of cybersecurity breaches.

As the talent shortage continues and threat actors refine their methods, cybersecurity professionals rely on a wide range of tools to stay ahead. Paid commercial tools and free, open-source tools form a varied ecosystem of utilities written in different programming languages (Python, Perl, Bash, PowerShell, etc.). These tools automate tasks to preserve and analyze artifacts relevant to forensic analysis and incident response, such as random-access memory (RAM), event logs, network connections, browsing histories, cache and more.

One such tool is Tequila OS 2.0.

What is Tequila OS 2.0?

Students from the National Autonomous University of Mexico developed Tequila OS 2.0, the first Linux distribution in Latin America specializing in forensic analysis in Spanish.

Image 1: Tequila OS 2.0

Tequila OS 2.0 is based on GNU/Linux and is easy to use. All users have to do is download the file with an ISO extension, create the virtual machine and run it. Alternatively, the user can download the files to run directly in a virtualization tool and enter the following credentials:

  • Username: “forense”
  • Password: “unam”

Once the user has authenticated, Tequila OS 2.0 displays the following desktop:

Image 2: Tequila OS 2.0 desktop

Tequila OS 2.0 Forensic Analysis Tools

Tequila OS 2.0 includes a range of tools for forensic analysis and incident response, all found in the “/Forense/” folder.

Image 3: Tequila OS 2.0 distribution tools

The tools are classified into different folders, each containing software such as Autopsy Forensic, Foremost, MyRescue, PhotoRec, Volatility, ExifTool, Metacam, Wireshark, Ghex, Galleta, Hashcat, ClamAV, Yara, Ophcrack, John and VeraCrypt, to name a few.

The main advantages of using Tequila OS 2.0 are:

  • Number of tools: Tequila OS 2.0 has around 60 tools for analysis and response to cybersecurity incidents.
  • Constant updates: The developers offer regular updates free of charge.
  • Automatic assembly: One-click mounting and unmounting of storage media are quick and easy.
  • Manuals in Spanish: Within the distribution itself, manuals in Spanish provide useful guides for all the tools.
  • Minimum memory requirement: Tequila OS 2.0 requires less than 1 GB of RAM to run.
  • Compatibility: Tequila OS 2.0 is compatible with any virtualization software.

As part of the Tequila project, an additional set of tools called Agave performs incident response in a Windows operating environment. To learn more about Agave and its incident response capabilities, check back for our future articles digging into its exciting potential.

Tequila OS 2.0 has proven to be the only distribution of its kind in Latin America, as it is primarily focused on cybersecurity incident response activities. Compared to its predecessor, Tequila OS 2.0 offers higher stability, a more intuitive user interface and optimized performance. It also provides manuals in Spanish and more than 60 tools for cybersecurity incident response analysis, and it is compatible with any virtualization tool. These aspects make Tequila OS 2.0 an attractive Linux operating system option for all types of users in Latin America, and the world.
