Re: Incident Response Database

["Jason M. Leonard" <fuzz () ldc upenn edu>]

On Thu, 18 Mar 2004 Valdis.Kletnieks () vt edu wrote:

> On Wed, 17 Mar 2004 13:08:32 PST, Jason May <jaymay75 () yahoo com>  said:
> > Does anyone have any suggestions on a good Incident
> > Response tracking database for tracking Incidents.  We
> > were looking at the CIRDB from Purdue, but I just
> > wanted to know if there was anything else out there.
>
> We've never encountered any sort of tracking that we couldn't do
> well with Remedy.  Two caveats:
>
> 1) It's pricey.
> 2) Remedy's strength is its customization.  That's also it's weakness.
> We're lucky enough to have several people on staff who know Remedy's
> innards really well.
>
> We already use it for our main help desk and network problem ticket system for
> a rather large network, so incident response isn't a big reach.  If you aren't
> already using it in your shop, installing it just for incident response would
> probably be overkill...

We use RT (Request Tracker) for our help desk and trouble ticket system.
It works great for all sorts of tracking and it's pretty handy for
managing non-human email accounts, as well.  Plus it's free.

http://www.bestpractical.com/rt/


:Fuzz

---------------------------------------------------------------------------
Free 30-day trial: firewall with virus/spam protection, URL filtering, VPN,
wireless security

Protect your network against hackers, viruses, spam and other risks with Astaro
Security Linux, the comprehensive security solution that combines six
applications in one software solution for ease of use and lower total cost of
ownership.

Download your free trial at 
http://www.securityfocus.com/sponsor/Astaro_incidents_040301
----------------------------------------------------------------------------