Incident Response Investigation System (IRIS) Logo

Incident Response Investigation System (IRIS)

0
Free
Updated 11 March 2025
Security Operations
Incident Response
Collaboration
Incident Management
Docker
Visit Website

IRIS is a web collaborative platform designed to assist incident responders in sharing technical details during investigations. It consists of two main parts: IrisWeb, the core web application for managing the interface and database, and IrisModules, extensions that allow third parties to process data (e.g., enrich IOCs with MISP and VT, upload EVTX into Splunk). IRIS can function without modules, but default ones are preinstalled, and additional modules can be configured in the UI under Manage > Modules. The system is shipped in Docker containers for easy installation and upgrades using Docker compose.

FEATURES

EXPLORE BY TAGS

Incident Response

Collaboration

Incident Management

Docker

SIMILAR TOOLS

AWS Incident Response Kit (AIRK) Logo
AWS Incident Response Kit (AIRK)

A module-based AWS response tool for incident response in AWS environments.

Free
Security Operations
Auditd Configuration Best Practices Logo
Auditd Configuration Best Practices

A comprehensive auditd configuration for Linux systems following best practices.

Free
Security Operations
Megatron Logo
Megatron

A System for Abuse- and Incident Handling with log file analysis capabilities.

Free
Security Operations
Kansa Logo
Kansa

A modular incident response framework in Powershell that uses Powershell Remoting to collect data for incident response and breach hunts.

Free
Security Operations
Shuffle Automation Logo
Shuffle Automation

An automation platform with community support and documentation for easy development.

Free
Security Operations
sysmon-modular Logo
sysmon-modular

A Sysmon configuration repository for customizing Microsoft Sysinternals Sysmon configurations with modular setup.

Free
Security Operations
AWS Security Architectures Logo
AWS Security Architectures

A collection of AWS security architectures for various security operations.

Free
Security Operations
Windows Commands Abused by Attackers Logo
Windows Commands Abused by Attackers

Malware allows attackers to execute Windows commands from a remote environment

Free
Security Operations
LeakedIn.com Logo
LeakedIn.com

Check if your email address has been involved in a data breach.

Free
Security Operations

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy