Business/Management Track
Computer security incident response teams need to track incidents as they develop. To support day-to-day operations, teams need to be able to generate quick overviews of ongoing incidents, and they must be supported in their daily work by automating as much routine work as possible. AIRT is a web-based system to provide incident tracking capabilities to computer security incident response teams. Its design goals include to provide a comprehensive incident management console, ability to quickly associate external teams with IP addresses, the ability to create an incident in 30 seconds after receiving it, provisions for PGP signed mail, and more. This paper presents AIRT, its goals, architecture and its functionality.
http://www.first.org/conference/2006/papers/leune-kees-slides.pdf
Type: Slides
Format: application/pdf
Last updated: July 12, 2006
Size: 1.08 Mb
http://www.first.org/conference/2006/papers/leune-kees-papers.pdf
Type: Paper
Format: application/pdf
Last updated: May 18, 2006
Size: 161 Kb
Authors & presenters
Kees Leune (Tilburg University, NL) Sebastiaan Tesink (Tilburg University, NL)