Welcome to the home page for the Application for Incident Response Teams (AIRT) AIRT is a web-based application that has been designed and developed to support the day to day operations of a computer security incident response team. The application supports highly automated processing of incident reports and facilitates coordination of multiple incidents by a security operations center. |
Home
AIRT features in ISSA Journal's Toolsmith
The Toolsmith section of ISSA Journal's August edition features a nice article (pdf) on AIRT. Russel McRee of HolisticInfoSec.org did a very nice writeup on his blog. While reviewing the software, Russ pointed out some bugs. The bugs have been fixed in the most recent release (20090726.1). |
New release improves import queue
With the recent outbreaks of Conficker and friends, import queues have been growing rapidly. It is now not unusual to process several hundred incidents via the import queue mechanism a few times a day. This release adds a few small features that make processing the import queue a lot more convenient.
|
AIRT release 20090221.1
AIRT release 20090221.1 has just been posted here. This bug minor release fixes two annoying bugs that prevented mail
templates from being deleted, and mail templates being untagged as
preferred for certain import queue elements. Just download the tarball, untar it and run configure and make install. Don't forget to run the database update script to set the release number.Detailed upgrade instructions are also online. |
AIRT version 20090121.1 released!
We are proud to announce that a new version of AIRT has been made available for download. This version incorporates a large number of new features, enhancements, bug fixes and user experience improvements. Improvements include:
Please report any problems or questions that you might encounter to developers@airt.nl. Commercial AIRT support is available via Leune Consultancy, LLC. |
1-4 of 4