This documentation serves as a comprehensive guide to the IRIS web application operations, modules, and development.
If you're new to IRIS, we recommend starting with our Getting Started guide to learn the basics.
For those who want to try out IRIS easily, we offer a free demonstration instance of the rolling beta version here.
Our documentation is constantly evolving, so if you don't find what you're looking for, please contact us so we can add the missing piece.
What is IRIS?
IRIS is a collaborative platform for incident response analysts that helps to share investigations at a technical level. It's a web application that can be installed on a fixed-server or on a laptop for roaming investigations where internet might not be available.
IRIS was born out of the struggle to share long and complex investigations among analysts.
The project is available on our Github organization.
Disclaimer
IRIS is still in its early stages. It can already be used in production, but please set backups of the database and DO NOT expose the interface on the Internet. We highly recommend the use of a private dedicated and secured network.
