CERTUNLP/ngen

Incident Response Management System

License: GPL v3. Code style: black.

Ngen is a powerful security incident management system designed specifically for CSIRTs. It streamlines incident tracking, automates repetitive tasks through integration with tools like IntelMQ, Cortex, Kintun, and MISP, and enhances team collaboration. With features like artifact management, auditing, secure communication, and report generation, Ngen empowers CSIRTs to respond swiftly to cyber threats, ensuring detailed documentation and thorough analysis of each incident.

✨ Quick Start in Docker

Get the code

$ git clone https://github.com/CERTUNLP/ngen.git
$ cd ngen

Start the app in Docker in development mode:

$ cd docker
$ docker compose build
$ docker compose up
  • Frontend server on port 3000
  • API server on port 8000

✨ Default credentials

ngen:ngen

Start the app in Docker in production

This uses the image on Docker Hub. Set DJANGO_DEBUG=False in the file ngen.env, then run:

$ cd docker
$ docker compose -f docker-compose-prod.yml up

Start with Elasticsearch

Note: To disable Elasticsearch, set ELASTIC_ENABLED=false and remove the containers (you may need to prune). To enable it, set ELASTIC_ENABLED=true in the file ngen.env and run:

$ cd docker
$ docker compose --profile elastic up
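
A pre-flight check for the two ngen.env settings named above (DJANGO_DEBUG and ELASTIC_ENABLED), as an added example that is not part of the ngen repository. It assumes ngen.env holds plain KEY=value lines and that a later duplicate key overrides an earlier one; the function names env_value, prod_preflight and sample_env are hypothetical.

```shell
# Added example, not from the ngen repository. Assumes plain KEY=value lines.
# env_value FILE KEY: print the effective value of KEY (assumed: last one wins).
env_value() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }                  # comment line
        {
            line = $0
            sub(/\r$/, "", line)             # tolerate CRLF line endings
            eq = index(line, "=")
            if (eq == 0) next
            k = substr(line, 1, eq - 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k)
            if (k != key) next
            v = substr(line, eq + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", v)
            q = substr(v, 1, 1)              # strip one pair of matching quotes
            if ((q == "\"" || q == "\047") && length(v) >= 2 && substr(v, length(v)) == q)
                v = substr(v, 2, length(v) - 2)
            val = v; found = 1
        }
        END { if (found) print val }
    ' "$1"
}

# prod_preflight FILE: succeed only if DJANGO_DEBUG is exactly False, as the README states.
prod_preflight() {
    file=$1
    [ -r "$file" ] || { echo "FAIL: cannot read $file" >&2; return 2; }
    debug=$(env_value "$file" DJANGO_DEBUG)
    if [ "$debug" != "False" ]; then
        echo "FAIL: DJANGO_DEBUG='${debug:-unset}' in $file, expected False" >&2
        return 1
    fi
    elastic=$(env_value "$file" ELASTIC_ENABLED)
    echo "OK: DJANGO_DEBUG=False ELASTIC_ENABLED=${elastic:-unset}"
}

# Constructed sample contents, not the real ngen.env.
sample_env() {
    printf '# constructed sample\n'
    printf 'DJANGO_DEBUG=True\n'
    printf 'ELASTIC_ENABLED="true"\n'
    printf 'DJANGO_DEBUG=False\r\n'          # later duplicate with CRLF ending
}

# Usage (the path to ngen.env is an assumption):
#   prod_preflight ngen.env && docker compose -f docker-compose-prod.yml up
```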