Collaborative Incident Response Platform

Free and Open-Source. Streamline investigations, share technical details, and collaborate in real-time.

Start here->

Online Demo

Features

Built for faster Incident Response

Empower your team with the tools they need to respond, focus on the investigation, and collaborate effectively.

Multi-cases

Handle multiple incidents and investigations at once. Track progress of each case and collaborate with your team.

Save Technical Details

Register technical details, assets, IOC and evidence for each incident. IRIS takes care of making relations with previous investigations.

Build a Timeline

Every attack has a story. Track the timeline of events, actions and as well as decisions made during the investigation.

Take notes

Create notes, comments and observations during the investigation, track every technical details and decisions made in a wiki-like format.

Assign Tasks

Assign tasks to your team members, track their progress and make sure everything is on track to solve the incident.

Generate Reports

Generate automatic reports for each investigation, share them with your team or stakeholders. Export in multiple formats based on your templates.

Streamlined IR

Give your Incident Response Team a breath

Simple yet powerful, start collaborating with your team in minutes. From minor incidents to major breaches, handle them all with ease.

Built-in Alerts

Receive alerts effortlessly from your SIEM and all your trusted sources. Quickly triage, annotate, and correlate alerts to uncover critical insights and link related incidents. Once validated, escalate them into comprehensive cases to accelerate your investigation and resolution process.

Collaborate Seamlessly

IRIS streamlines every element of your investigations, organizing information so analysts can work together effortlessly. Our flexible approach adapts to your team’s unique workflow—no rigid constraints, just smooth, intuitive collaboration that drives faster, smarter incident resolution.

Integrations

IRIS is fully extensible with custom modules tailored to your needs, including built-in integrations for VirusTotal, MISP, WebHooks, and IntelOwl. Its API lets you manage investigations just like using the interface, enabling seamless automation and integration.

Supporting Us

As a free and open source project, we rely on the support of our community to continue development and improve our platform. If you find the platform useful and would like to help us sustain and grow, please consider supporting us financially through OpenCollective.

Support Usvia OpenCollective