[unisog] Results of a Very short survey on IR tracking systems - http://www.surveymonkey.com/s.asp?u=404471987327

H. Morrow Long morrow.long at yale.edu
Wed Jun 14 14:48:48 GMT 2006


On Apr 5, 2006, at 5:36 PM, H. Morrow Long wrote:
> If you have a few seconds please take my very short survey  on IR  
> tracking systems:
> 	http://www.surveymonkey.com/s.asp?u=404471987327
> I'll make the final results available

Summary: 	For incident tracking, out of 83 higher ed respondents:

	28% use RT,
         18% use Remedy,
	18% use a homegrown solution,
	10% use RTIR,
         10% use an IMAP folder,
	9% use a text file,
	7.5% a Word doc,
         4 % use AIRT,
	6% use a spreadsheet,
	3% use an Access database,
         3% a MySql database and
	24% use a different solution from the above.

Details:

1. Are you tracking security incidents using a software program?
                 Response %      Histogram (1/2 Percentage Scale)
                 ----------      --------------------------------
     Yes         73.5%   61 *************************************
     No          26.5%   22 *************
     Total Respondents   83      (skipped this question)         1

2.  IR Tracking software

         What software package are you using to track incidents?
         Several open source and commercial bug tracking and trouble
         ticket systems are listed as well as a POP mail accounts,
         an IMAP folder (shared or non-shared), a spreadsheet, text
         file, document or database.

                 Response %      Histogram (1/2 Percentage Scale)
                 ----------      --------------------------------

                 Aegis Defect Tracking - (Hallogram Publishing)
                 0%      0

                 AIRT: Application for Incident Response Teams  
(SourceForge)
                 4.5%    3       **

                 CIRDB - Purdue Cerias Incident Response Database
                 0%      0

                 Essential Incident Master - Environmental Support  
Solutions
                 0%      0

                 GNATS / GNATSWEB - GNU Project
                 0%      0

                 GSS IssueTrak -- Global Support Software
                 0%      0

                 Jitterbug - Samba (Currently suspended)
                 0%      0

                 OTRS - Open Ticket Request System
                 0%      0

                 RT - Request Tracker (Best Practical)
                 28.4%   19      ***************

                 RTIR - Request Tracker for Incident Response (Best  
Practical)
                 10.4%   7       *****

                 Remedy - Remedy Action Request System
                 17.9%   12      *********

                 Visual Intercept - Elsinore Technologies
                 0%      0

                 POP mail account(s)
                 3%      2       *

                 IMAP folder (shared or non-shared)
                 10.4%   7       *****

                 Spreadsheet
                 6%      4       ***

                 Text file
                 9%      6       ****

                 Word document
                 7.5%    5       ***

                 Access database
                 3%      2       *

                 DBase III
                 0%      0

                 MySQL           *
                 3%      2

                 Custom/homegrown software solution
                 17.9%   12      *********

                 Other (please specify - see appended)
                 23.9%   16      ************

         Total Respondents       67
         (skipped this question)         17


3.      Is your IR ticketing/tracking system shared with other IT groups
         (help desk, etc.)?

                 Response %      Count Histogram (1/2 Percentage Scale)
                 ----------      ----- -------------------------
                 Yes     42.1%   32      *********************
                 No      51.3%   39      *************************
                 Other    6.6%   5       ***
                 (see appended)

         Total Respondents       76
         (skipped this question)         8

------------------------------------------------------------------------ 
--

Question #2 Addendum -- Open-Ended Results Detail

         Other category of IR systems

1.      Helpdesk system (TrackIT) - not used to track detail, just  
assign a tracking number open/close timestamps, and personnel involved.
2.      Looking at RTIR
3.      Track-IT (Blue Ocean)
4.      GWI c.Support
5.      None
6.      Standard Helpdesk Ticket System: Service Center by Peregrine
7.      JIRA from Atlassian Software
8.      Snitz Forum
9.      Service Center
10.     RightNow Service and a homegrown system
11.     Footprints (customized project) from Unipress.com
12.     Lotus Notes Database
13.     Bugzilla
14.     Assyst (Axios.com) for "routine" cases. High-sensitivity  
cases handled within shared-private folder documents.
15.     HEAT
16.     Infra Enterprise Solutions

Question #3 Addendum -- Open-Ended Results Detail

         Is your IR ticketing/tracking system shared with
         other IT groups (help desk, etc.)?

1.      Shared between multiple security groups
2.      Does not exist
3.      Same (small) group
4.      helpdesk can see selected data fields via a backend web  
interface
5.      partially, via RT


                                 # # #



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.dshield.org/pipermail/unisog/attachments/20060614/cf73ac6f/attachment.htm 


More information about the unisog mailing list