Docker has a great possibilities in the incident response space. In this post, we'll talk about implementing Google Rapid Response via Docker. If you are new to docker please read my previous post about Docker Primer. I'll walk you though the step by step process to implement GRR with Docker and perform some forensic operations on Mac, Windows, Linux and Cloud endpoints. Here is the docker image of GRR: hub.docker.com/r/grrdocker/grr Run this command to pull the docker image on your server.