Fir - Fast Incident Response
FIR (Fast Incident Response) is a cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents.
FIR is for anyone needing to track cybersecurity incidents (CSIRTs, CERTs, SOCs, etc.). It was tailored to suit our needs and our team's habits, but we put a great deal of effort into making it as generic as possible before releasing it so that other teams around the world may also use it and customize it as they see fit.
See the wiki for the user manual and more screenshots!
Installation
There are two ways to install FIR. If you want to take it for a test-drive, just follow the instructions for setting up a development environment in the Wiki.
If you like it and want to set it up for production, here's how to do it.
A dockerfile for running a dev-quality FIR setup is also available in docker/Dockerfile.
Deploy to Heroku via fir/heroku_settings.py
Community
A dedicated users mailing list is available at https://groups.google.com/d/forum/fir-users
Technical specs
FIR is written in Python (but you probably already knew that), using Django 1.9. It uses Bootstrap 3 and some Ajax and d3js to make it pretty. We use it with a MySQL back-end, but feel free to use any other DB adaptor you might want - as long as it's compatible with Django, you shouldn't encounter any major issues.
FIR is not greedy performance-wise. It will run smoothly on an Ubuntu 14.04 virtual machine with 1 core, a 40 GB disk and 1 GB RAM.