12/03/2015

Meet FIR - our cybersecurity incident management platform

Two years ago we started looking for a tool to help us manage the large number of incidents we have to deal with daily. As most of other CSIRT teams out there, we were left quite disappointed with the tools that were out there (free or not). So we decided to roll our own.

FIR stands for "Fast Incident Response". It's meant to be exactly that - fast and agile - so that we can focus on responding to incidents rather than filling forms. Over the past months, we've been looking behind us and we thought that it would be a good idea to release it to the public.

First and foremost, in hope of helping the community out by providing a simple tool to manage cybersecurity incidents, but also to learn from our fellow responders and give them the opportunity to share their workflows and methods and contribute to this project.

So we're releasing FIR to the public. You'll find everything you need to test it out on our GitHub repo: https://github.com/certsocietegenerale/FIR. Everything you need to know to get rolling is on the Wiki. Remember, this is the tool we use daily to manage and keep track of our incidents, so expect lots of new features (and, of course, the inevitable bug or two) and a reasonable amount of reactivity on open issues. We'll be happy to merge your pull requests in exchange.

A dedicated users mailing list is also available https://groups.google.com/d/forum/fir-users

Sharing is caring!