Incident tracking & reporting
AbuseHelper
AbuseHelper is toolkit for CERT and Abuse teams. It is a modular, (hopefully) scalable and robust framework to help you in your abuse handling. With Abuse Helper you can retrieve Internet Abuse Handling related information via several sources, you can then aggregate that information based on different keys, such as AS numbers or country codes and send out reports in different formats, via different transports and using different timings.
AIRT (Application for Incident Response Teams)
AIRT is an application for Computer Security Incident Response. The target audience of AIR is incident response groups which provide end-user support.
Assuria Auditor
Assuria Auditor provides deep configuration and vulnerability scanning, inventory reporting, compliance assessment and powerful change detection through an extensible and flexible architecture. It provides vital information assurance and protection for critical business servers and helps maintain systems in a secure ‘known state’. Assuria Auditor utlises a comprehensive built-in Knowledge Base of known security vulnerabilities, security control configurations, up to date patch checks and security best practice information to enable organisations to easily bring their IT infrastructures up to high standards of security, especially servers. Internal IT security knowledge or experience is not necessary, because the built-in Assuria Auditor knowledge base includes not only the thousands of individual checks for a wide range of operating platforms, but also explanations of the implications of each vulnerability and step by step instructions on remediation.
Jitterbug
Jitterbug is an open-source web-based tracking system. Problems can be reported through web forms or e-mail and authenticated users can classify them, add notes and reply to messages from within the system. Various documentation and demonstrations are accessible through the web page.
MySQL
MySQL is an open source relational database that implements the SQL language. It is commonly combined with the PHP scripting language to provide database driven web sites, but has also been used to build incident tracking and reporting tools as well as databases of probes for trend and threat analysis.
Remedy Action Request system
Remedy is a commercial toolkit for building tracking systems. Remedy also sell applications, such as helpdesk and inventory tracking, which have been built using the toolkit; incident response teams have also used the system to build their own incident tracking and reporting applications.
RT (Request Tracker)
Request Tracker is a freely available trouble ticket system. RT is highly configurable. RT automatically records incidents, submitted by mail, stores the data in a database for further action by a staff member and sends a ticket to the user who submitted the incident.
RTIR (Request Tracker for Incident Response)
JANET-CERT have been working with Best Practical to produce a version of Request Tracker specifically designed for incident response work. The first beta release is now available for other teams to download. Mail addresses for bug reports, comments and suggestions, as well as a discussion list for CSIRT teams interested in using the product, can be found on the web page.
