What I really enjoy about your content is that you don't only show solutions but really go in-depth in them and demonstrate how they apply in the real world. What would be really awesome is a video on the different solutions you go over on your channel and explain different ways they complement each other. Thanks again man!

Your videos are unique and extremely useful. Great Contents , please do continue with more SOC related contents. I'm a senior cybersecurity engineer and your videos helps my team alot. All the best brother..

Hi Taylor, looks very interesting - is it possible to archive closed cases to MISP and is it directly usable to analyse with cortex, or did i have to use shuffle for interact between Wazuh, Cortex, MISP and DFIR-ISIS?

Hello, did you do a video about shuffle automation with IRIS ?

Love your videos btw

Hopefully you will demonstrate how to create a customized Incident Report Template by using DFIR-IRIS. Thanks

I think knowing that cortex is still open source it would be nice to create a connection between iris and cortex

Thank you, very helpful information

Great This tool is very useful 👍👍 Can we integrate with ELK?

Hi, thx for the video, as always enjoy your content! Did you know of any self-hosted solutions that are as complex as Microsoft 365 Defender stack? (Sentinel,MDE,MDI,MDO,MDC,MDCA,AAD,DLP,TIP,MDAV..). Closer to the "Zero Trust" concept than "Network-Based Security". Thx.

This is cool, I was looking for a thehive replacement. Is there a tie in for intelowl much like the hive has cortex?

Good one @Taylor

How much memory do I need to allocate on the server for it??

Your terminal looks amazing! 😮 What software is it?

Great video!!! Could you also make a (step-by-step) video how to get it working when someone is using Portainer as containermanagement software. Can't get it to work due to the use of all the interconnected Dockerfiles and scripts. All the images need to be constructed and then in one docker-compose file without all the seperate buildsteps you can start them in Portainer under stacks. But could not get it to work 😞

Sorry, the page you are looking for is currently unavailable. Please try again later. If you are the system administrator of this resource then you should check the error log for details. Faithfully yours, nginx.

Hi There, Wondering if anyone would be able to assist me with something, I have had some struggled with DFIR IRIS and getting it up and running but I have now managed to get it working, however when I try to find the admin password to sign into the portal it states: WARNING :: post_init :: create_safe_admin :: >>> Administrator already exists Wondering if anyone else had come across this and what they did to fix it, I can't seem to see a log of the admin password anywhere, I have checked the docker logs and still don't appear to see it it just states Administrator already exists, any help is much appreciated.

Can ElastAlert send alert to DFIR-IRIS ?

Nice tutorial :) How to post the elastalerts from praeco to iris?

Does IRIS support multi tenants like TheHive, would be so cool if it does

can i use dfir-iris without docker ??

Hola, de donde sacan los eventos?

The tool looks very useful

Hello, has anyone here been able to generate automatic alerts once they match with MISP or some other threat intelligence tool, using graylog for log management?

thank you for your effort. Could you make video for latest version 2.3 ? 😅

Thanks

cool, i will try this

How did you get the Virus total API Key?

awesome