New to IRIS ? This is where you can start.
This documentation is in constant evolution, so if you don't find what you are looking for, you can come back later or even better contact us so we can add the missing piece.
What's IRIS ?
In a nutshell, IRIS is a collaborative platform for incident response analysts that helps to share investigations at a technical level.
It's web application, so it can be either installed on a fixed-server, or on a laptop for roaming investigations where internet might not be available.
It is born following the struggle to share long and complex investigations among analysts.
The project is available on our Github organisation
IRIS is in its early stage. It can already be used in production, but please set backups of the database and DO NOT expose the interface on the Internet. We highly recommended the use of a private dedicated and secured network.