ADDITESS CSIM

CSIM is a Cyber-Security Incident Management framework whose purpose is to provide a set of functionalities to support the operations of a CSIRT towards investigation and reporting on cyber-related incidents.

Apart from the incident management, CSIM aims to provide a unified data repository by gathering information from multiple heterogeneous sources (i.e. CTI, Analysis tools, etc.) Real-time monitoring of incoming data. Filtering and pattern matching techniques through a set of rules and IP configurations. Finally, CSIM aims to raise the awareness of constituents by providing alerting and information sharing mechanisms.

Pdf