PTS2022

DFIR-IRIS - collaborative incident response platform
2022-07-06, 10:35–10:55 (Europe/Paris), Amphitheater

DFIR-IRIS is a collaborative incident response platform recently released as open source. It provides operational, efficient features for responding to IR challenges. Information sharing, real-time collaboration, timeline creation, forensic evidence ingestion, task logging, daily reports for customers: these are all necessary steps in an investigation, and they need to be simplified to reduce analysts' workload. DFIR-IRIS was born from this observation.


See also: 🎥 video

See also: slides

Théo Letailleur is an incident response analyst. He worked for 4 years at Airbus Cybersecurity CSIRT, where DFIR-IRIS was born, and will join the incident response team at Synacktiv. Théo is interested in software reverse-engineering and malware analysis.

Incident responder