FIR – Fast Incident Response Platform
FIR (Fast Incident Response) is a cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting cybersecurity incidents.

This platform is for anyone that needs to track cybersecurity incidents (CSIRTs, CERTs, SOCs, etc.).
The dashboard is split in two. At the top, you have a list of the starred incidents. You can star/unstar any incident by just clicking on the star icon in any incident list.
Then, there is tabs, that can contain any view interesting for the incident handler. By default, FIR has the following tabs:
-
Open
: list of incidents with the statusOpen
-
Closed
: list of incidents with the statusBlocked
-
Old
: list of the top 20 incidents with the statusOpen
that have not received the love they deserved recently -
Tasks
: this is provided by the fir_todos plugin, and will display all todo items withCERT
as accountable
There is a searchbar to find any alert based on keyword beside filtering to make it easy to search alert based on category or severity of the attack. The web shared interface allows IR team to add note or tag an alerts which will help the team in faster investigating future alerts and accelerate the investigation process.
You can read more and download this tool over here: https://github.com/certsocietegenerale/FIR