iR

Cyber Ecosystem

Synapse-iRespond

NIST-aligned incident response, built for accountable teams.

Overview

Synapse-iRespond is a full incident-response platform built around the NIST SP 800-61 lifecycle, with tamper-evident chain-of-custody evidence handling and mandatory MFA on every account — built for teams that need to prove what they did, not just do it.

Features

  • Auto-seeded NIST SP 800-61 incident workflow
  • HMAC-chained, tamper-evident chain of custody for evidence
  • Alert-to-case dynamic triage
  • Declarative, file-based SOAR playbooks (import / enable / run)
  • Inbound ingest sources so external tools can push alerts in
  • Network adapter visibility and reconfiguration (preview-gated)

Capabilities

  • Five-tier RBAC: read-only, tier 1/2, incident commander, admin
  • Mandatory TOTP MFA, two-step login for every account
  • MITRE ATT&CK / VERIS taxonomy tagging and MISP indicator support
  • Hash-chained audit log across the whole platform
  • Encrypted, per-integration credential storage

Benefits

  • Defensible, auditable incident records out of the box
  • Analysts push alerts in from any tool via a scoped ingest key
  • Async Celery pipeline keeps heavy playbooks from blocking the UI

How it links to other apps

iRespond is the ecosystem's evidence-first incident responder — a heavier-weight, compliance-oriented counterpart to Synapse IronNode's lightweight AI-driven SOAR, for teams whose priority is auditability over automation speed.

No documents uploaded yet.