Mathias Fuchs alias CyberFox blogging about DFIR and Cyber Security.

Aurora Incident Response

Presenting AuroraIR the new Incident Response Management Tool.

After years of investigating major incidents, I realised that while we habe many tools to dig deep into artefacts and also tools to manage everyday incidents, we do not have many options when it comes to managing big incidents. I’m talking about those incidents where well versed attacker groups pivot through their victim’s network undetected for an extended amount of time.

Investigating these kind of incidents is a technical challenge but even more so an organisational one at times. That’s notz only true for external incident responders but aslso for internal CSIRTs.

AuroraIR helps the investigative lead to not only keep track of discovered facts and put them in context, but also manage the client, resources and tasks. Starting from the first call with the client through regular status updates to writing the final report, AuroraIR has you covered.

AuroraIR also provides visualisation features that help you to better understand and better present your case.

Download AuroraIR for free for free at the github repository