Enterprise and often government are required to handle dozens of incident reporting sources at once, which is not resources or cost-effective at all.

Some companies are still using emails, ticket systems, CRMs, or messaging systems for incident reports.

To resolve this issue, they need a centralized incident tracking management system and here comes Cyphon.

Cyphon is an open-source incident management and response platform. It helps the enterprise to track incident from different sources, prioritize them and automate the response system for them.  

Cyphon (src: Cyphon)


  1. Collect incidents from many sources: REST-API, Firewall activities, log files, webhooks, social media and emails.
  2. Streamline incidents into a stream-flow
  3. Categorize the events
  4. Prioritize the events
  5. Alert certain events to a specific team
  6. View alerts by category, priority, and source
  7. Assign certain incidents to certain response team
  8. Automate the response to a ticketing system, an API-call
  9. Track/ investigate alerts and incidents to the source
Cyphon (src: Cyphon)

Use cases

  1. Security management: Cyphon can monitor Firewall events (incidents), log files and REST-APL and it can respond with a process like blocking an IP or locking down the system.

    With it's alerting, reporting and response capabilities, is the best open-source security incident management system.  

  2. Incident management for enterprises.
    Enterprise setup is complex, sometimes it has many installed system to report the incidents. With Cyphon it can work with variety of sources as to aggregate all incidents into one stream, categorizing, prioritizing and sending alerts to the designated teams to response.  

  3. Internet of Things (IoT).
    With hundreds or thousands of IoT devices installed, it's essential to keep tracking of their logs and incidents. Cyphon can provide a streamed log monitoring for the devices and report back for incidents as if a device goes offline.  

  4. Social media monitoring.
    Cyphon has built-in social medial monitoring tools, which will come in handy for enterprises that use social medial to communicate with their customers.
How does Cyphon works (src: Cyphon)


Cyphon project has two parts: ControlScan which is distributed under dual license, and Cyphon Engine which is distributed under GPLV3.0 license. However, Cyphon is free for personal and professional use.


  1. Cyphon: https://www.cyphon.io/
  2. GitHub: https://github.com/controlscanmdr/cyphon