DFIR-IRIS Documentation
Welcome to the DFIR-IRIS documentation
Here you can find anything related to the IRIS web application operations, as well as some documentation on the modules and development among other things.
New to IRIS ? This is where you can start.
Want to try out IRIS easily?
We have set up a free demonstration instance of the upcoming version v2.0.0 here.
This documentation is in constant evolution, so if you don't find what you are looking for, you can come back later or even better contact us so we can add the missing piece.
What's IRIS ?
In a nutshell, IRIS is a collaborative platform for incident response analysts that helps to share investigations at a technical level.
It's web application, so it can be either installed on a fixed-server, or on a laptop for roaming investigations where internet might not be available.
It is born following the struggle to share long and complex investigations among analysts.
The project is available on our Github organisation
Disclaimer
IRIS is still in its early stage. It can already be used in production, but please set backups of the database and DO NOT expose the interface on the Internet. We highly recommended the use of a private dedicated and secured network.
