When specific criteria are met, CLIRSec provides out-of-the-box active responses to perform various countermeasures to address current threats, such as limiting access to a system from the threat source.
It can also be used to run commands or system queries remotely, as well as locate indications of compromise (IOCs) and assist with other live forensics or incident response operations.