[Intrusions] Incident Tracking Software

Affeld, James JAffeld at sccd.ctc.edu
Fri May 20 23:22:09 GMT 2005 

I'm liking sguil.  

Ties several useful tools into one console so you have pretty much all your sources of correlation info in one spot.  

-----Original Message-----
From: Leandro [mailto:leandro at ufrgs.br]
Sent: Thursday, May 19, 2005 2:05 PM
To: 'Intrusions List (GCIA Practicals)'
Subject: RES: [Intrusions] Incident Tracking Software


check out

http://bestpractical.com/   

Leandro Rey
CPD-UFRGS


-----Mensagem original-----
De: intrusions-bounces at lists.sans.org
[mailto:intrusions-bounces at lists.sans.org] Em nome de David Taylor
Enviada em: terça-feira, 17 de maio de 2005 19:46
Para: intrusions at incidents.org
Cc: security at isc.upenn.edu
Assunto: [Intrusions] Incident Tracking Software

Hi all,

I hope this list would be the right place to send this to.  I figure we all
deal with incidents on a daily basis and I am wondering how some of you keep
up with everything.

We currently don't have any software that we use that is specific to
incident tracking and are finding it is difficult to keep up with everything
in an organized manner.  Especially when we do campus-wide scans or if a
worm breaks out. We do use a software application called Remedy which is a
pretty good help desk application but we mainly use this to track DMCA
violations and request network port traces/disconnects (cause networking
says we have to use it to get work done).

Anyway, information security incidents don't seem to fit in regular help
desk software.  If any of you are using something that is working for you we
would love to hear about it.

Thanks in advance!


==================================================
David Taylor //Sr. Information Security Specialist
University of Pennsylvania Information Security 
Philadelphia PA USA
LTR at ISC.UPENN.EDU               (215) 898-1236
http://www.upenn.edu/computing/security/
================================================== 

SANS - The Twenty Most Critical Internet Security Vulnerabilities 
http://www.sans.org/top20/


_______________________________________________
Intrusions mailing list
Intrusions at lists.sans.org
http://www.dshield.org/mailman/listinfo/intrusions


_______________________________________________
Intrusions mailing list
Intrusions at lists.sans.org
http://www.dshield.org/mailman/listinfo/intrusions

More information about the Intrusions mailing list