PaulDotCom mailing list archives
Re: Recommendations for Incident Management database system
From: Mike Patterson <mike () snowcrash ca>
Date: Sat, 27 Apr 2013 13:01:30 -0400
Recommendation #1: read the JANET guide on how they use RTIR. Recommendation #2: don't take it as the gospel.I've streamlined our process a bit by not (always) using Reports or Investigations. I've also had our RT admin add a few custom fields to make my life easier when it comes to reporting.
Mike On 2013-04-24 12:08 PM, John Franklin wrote:
That looks (RTR) pretty interesting, I'm glad I stumbled across this discussion. On Tue, Apr 23, 2013 at 5:17 PM, Mike Patterson <mike () snowcrash ca> wrote:Seconded. RTIR is a bit weird and seems a bit klunky/heavy when you first start out with it, but if you're dealing with more than a few dozen incidents (we number ... significantly more) then it really helps. I've written some tools to ease reporting from RT+RTIR, they're on github if you get that far. Mike On 2013-04-23 10:57 AM, Tim Krabec wrote:http://bestpractical.com/**products.html<http://bestpractical.com/products.html> On Mon, Apr 22, 2013 at 11:00 PM, Dan Baxter <danthemanbaxter () gmail com>* *wrote: My employer has been using a ancient Notes database to track securityincidents. We are finally discussing getting rid of it. I'm looking for recommendations for replacements. This should be able to track data for a variety of security incidents, from a malware incident, to an investigation of an employee for fraud. I'm not looking for open source, necessarily, although that could be a bonus. Anyone have any recommendations? Thanks in advance. Dan Baxter ------------------------------**------------------- Quis custodiet ipsos custodes? "A sword never kills anybody; it is a tool in the killers hands."-Lucius Annaeus Seneca, c.4BC-65AD ______________________________**_________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/**cgi-bin/mailman/listinfo/**pauldotcom<http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> Main Web Site: http://pauldotcom.com______________________________**_________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/**cgi-bin/mailman/listinfo/**pauldotcom<http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> Main Web Site: http://pauldotcom.com______________________________**_________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/**cgi-bin/mailman/listinfo/**pauldotcom<http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom> Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Recommendations for Incident Management database system Dan Baxter (Apr 23)
- Re: Recommendations for Incident Management database system Tim Krabec (Apr 23)
- Re: Recommendations for Incident Management database system Mike Patterson (Apr 24)
- Re: Recommendations for Incident Management database system John Franklin (Apr 24)
- Re: Recommendations for Incident Management database system Brad Nelson (Apr 24)
- Re: Recommendations for Incident Management database system Mike Patterson (Apr 28)
- Re: Recommendations for Incident Management database system Mike Patterson (Apr 24)
- Re: Recommendations for Incident Management database system Tim Krabec (Apr 23)