Security Incidents mailing list archives
Re: Incident Response Database
From: Valdis.Kletnieks () vt edu
Date: Thu, 18 Mar 2004 10:58:17 -0500
On Wed, 17 Mar 2004 13:08:32 PST, Jason May <jaymay75 () yahoo com> said:
Does anyone have any suggestions on a good Incident Response tracking database for tracking Incidents. We were looking at the CIRDB from Purdue, but I just wanted to know if there was anything else out there.
We've never encountered any sort of tracking that we couldn't do well with Remedy. Two caveats: 1) It's pricey. 2) Remedy's strength is its customization. That's also it's weakness. We're lucky enough to have several people on staff who know Remedy's innards really well. We already use it for our main help desk and network problem ticket system for a rather large network, so incident response isn't a big reach. If you aren't already using it in your shop, installing it just for incident response would probably be overkill...
Attachment:
_bin
Description:
Current thread:
- Incident Response Database Jason May (Mar 17)
- Re: Incident Response Database Jordan Wiens (Mar 17)
- Re: Incident Response Database Valdis . Kletnieks (Mar 18)
- Re: Incident Response Database Jason M. Leonard (Mar 18)
- RE: Incident Response Database Chris Krough (Mar 18)
- Re: Incident Response Database Russell Fulton (Mar 18)
- Re: Incident Response Database John Green (Mar 18)
- Re: Incident Response Database Lionel Ferette (Mar 18)
- Re: Incident Response Database Sebastian Jaenicke (Mar 18)
- Re: Incident Response Database Jason M. Leonard (Mar 18)
- iptables/netfilter logs viewer/analyzer Sabyasachi Chakrabarty (Mar 22)
- Re: iptables/netfilter logs viewer/analyzer Tony Carter (Mar 22)
- Re: iptables/netfilter logs viewer/analyzer Byron Sonne (Mar 23)
- <Possible follow-ups>
- Re: Incident Response Database wozz (Mar 18)