From the course: Complete Guide to Open Source Security

Unlock the full course today

Join today to access over 24,500 courses taught by industry experts.

Managing incidents with IRIS

Managing incidents with IRIS

From the course: Complete Guide to Open Source Security

Start my 1-month free trial Buy for my team

Managing incidents with IRIS

- [Instructor] We're at the IRIS dashboard and we can see that we have one open case. We can scroll down to the attributed open cases section and we find that we have an initial demo case available. We can click on the case and we get a description of the incident. At the top right, we can see that the case has a customer identifier and a SOC identifier. At the left we have the main menu and we're at case. We have options of alerts, search, activities and DFIR-IRIS module or DIM tasks. We've also got a management section in which we can manage cases and advance settings. If we click on manage cases, we can see that we've just got the one. If we open advance settings, we can see that we have a number of system settings. We won't go through them all, but let's select Access Control and we can see that this is where we can add users. Let's add a user, Sam Spade. The full name will be Sam Spade, the login S Spade. We'll set the email as sspade@example.com and we'll enter the password and…

Contents