Home - abusesa/abusehelper Wiki

AbuseHelper

"But incident coordination is not an easy task, as you must keep track of many details and at the same time keep control over who has access to what information. Two tools that exist that are designed to help teams with incident coordination are AbuseHelper and Palantir...

... The two previously mentioned frameworks could be seen as starting points from which teams can build their competency."

- Damir Rajnovic in the article "Who’s Performing Computer Incident Coordination?"

What is AbuseHelper?

AbuseHelper is toolkit for CERTs and abuse teams. It is a modular, (hopefully) scalable and robust framework to help you in your abuse handling. With AbuseHelper you can retrieve Internet Abuse Handling related information via several sources, you can then aggregate that information based on different keys, such as AS numbers or country codes and send out reports in different formats, via different transports and using different timings.

What Are the Goals of the AbuseHelper Community

  • To bring further focus to somewhat scattered Internet abuse handling scene. For example a lot of different organizations are developing their own abuse handling systems.
  • To help the community in taking the next step by moving from works-for-me systems to modular, scalable, openly developed and shared ones by unifying varying workflows and terminology.
  • To test how new techniques such as our Screaming Experts approach for implementing very loosely coupled and extensible systems fares in real life.

Data Harmonization Ontology

This document has now been moved under the AbuseHelper repository docs/Harmonization.md