FIR (Fast Incident Response) is an cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents.
FIR is for anyone needing to track cybersecurity incidents (CSIRTs, CERTs, SOCs, etc.).
It was tailored to suit our needs and our team’s habits, but we put a great deal of effort into making it as generic as possible before releasing it so that other teams around the world may also use it and customize it as they see fit.
Also Read – SDK-SMS-Stack : GSM Short Message Service Provided with TPC/IP Based Characteristics
Installation
There are two ways to install FIR. If you want to take it for a test-drive, just follow the instructions for setting up a development environment in the Wiki.
If you like it and want to set it up for production, here’s how to do it.
A dockerfile for running a dev-quality FIR setup is also available in docker/Dockerfile.
Deploy to Heroku via fir/heroku_settings.py
Technical specs
FIR is written in Python (but you probably already knew that), using Django 1.9. It uses Bootstrap 3 and some Ajax and d3js to make it pretty.
We use it with a MySQL back-end, but feel free to use any other DB adaptor you might want – as long as it’s compatible with Django, you shouldn’t run into any major issues.
FIR is not greedy performance-wise. It will run smoothly on a Ubuntu 14.04 virtual machine with 1 core, a 40 GB disk and 1 GB RAM.
Roadmap
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…