FIRST - Improving Security Together 18th Annual FIRST Conference - June 2006 - Baltimore, Maryland

Designing and developing an Application for Incident Response Teams

Platinum Sponsor


Silver Sponsor


Local Host

CERT Coordination Center

Supporting Sponsors






Korea CertCC

Conference Schedule

Business/Management Track

Wednesday – June 28th, 16:30

Computer security incident response teams need to track incidents as they develop. To support day-to-day operations, teams need to be able to generate quick overviews of ongoing incidents, and they must be supported in their daily work by automating as much routine work as possible. AIRT is a web-based system to provide incident tracking capabilities to computer security incident response teams. Its design goals include to provide a comprehensive incident management console, ability to quickly associate external teams with IP addresses, the ability to create an incident in 30 seconds after receiving it, provisions for PGP signed mail, and more. This paper presents AIRT, its goals, architecture and its functionality.

Authors & presenters

  • NLKees Leune Presenter (Tilburg University, NL)

  • NLSebastiaan Tesink (Tilburg University, NL)

Conference Schedule