DFLabs Complies with Gartner’s SIRP Guidelines

Learn how IncMan NG meets Gartner's Requirements of a Security Incident Response Platform.

Download White Paper
Contact Us


IncMan NG: the cutting-edge technology platform for managing and responding to cyber incidents. Faster, Smarter, Compliant.

Learn More
Contact Us


Securely Share your Incident Artifacts and Course of Actions with the use of STIX, IODEF, OpenIOC and VERIS

Ask for a Demo
Watch Video

SOC and CSIRT Orchestration

IncMan has been created for SOC and CSIRT orchestration, and It is currently being used by many Fortune 500 and Global 2000 worldwide.

Learn More
Contact Us

Challenges in Incident Response?

Discover the Challenges and Solutions for "Management and SEC Reporting of Cyber Security Incidents"

Download White Paper


Automated Incident Response Management can help customers in having Cyber Incidents Under Control. IncMan NG’s vision is to ensure maximum control on Cyber ​​Security Incidents with an advanced data breach, incident, & investigation management platform for CSIRT, SOC and Forensic Investigators, able to track, predict and visualize cybersecurity events.  Our platform provides the following capabilities:

  • SOC and CSIRT Orchestration
  • Automated Incident Management and Response
  • CyberSecurity and Incident Intelligence Sharing
  • Analytics, visualization and reporting.
  • Predictive Analysis
  • Bi-Directonal integration with over 50 third party, such as SIEM, Endpoint Protection and Forensics, Malware Analyzers and Threat Prevention, Threat Intelligence, Security Remediation and many others. Including Automated Response Actions.
  • Forensic Case and Evidence Management.
  • Dynamic Knowledge base for Standard and Regulatory Compliance.
  • Integrated with our Consulting Practice, in case you need our support to create purpose built workflow, templates and procedures.
  • Integrated with our Incident Response Professional Services, in case you need our practical help in the battleground.
  • Available On Premise and in the Cloud.


IncMan NG can be installed and provided in many ways, as it is multi-tenant, and is currently adopted by many Fortune and Global level Customers worldwide. Functionally, it helps both Security Operations and C-Level Managers to achieve one of their main objectives: having Cyber Incidents Under Control.

Should you be interested you can contact us for a demo.


"IncMan NG provides an outstanding customizable centralized incident management planform to keep track and provide customized reporting on forensic artifacts, incident tracking and IOCs. Due to our complex SOC and CIRT environment IncMan NG was the only product that met all of our needs."

Todd Strunce, Information Security Operations, Specialist III
Bridgestone Americas

"IncMan NG is second to none! It is a centralized incident management platform that is fully customizable for your automation needs. Has the ability to maintain your run books, forensic artifacts and IOCs all in one platform. This product is a must for all SOCs and CIRTs."

John McLeod, Information Security Manager
Fortune 500, Oil & Gas Industry (Texas)


"DF Labs is one of the top breach detection and incident response firms globally"

Steve Morgan
Founder and CEO of Cybersecurity Ventures


"IncMan is a well-rounded, customizable Incident Management system. The reports, dashboards and workflows are perfectly suited for the university and its students."

Abe Alirez, Network Operations
University of Advancing Technology, United States

"DFLabs is not just a technology company. Its Consulting practice continuously supports customers in creating Automated Workflow and Playbooks. Our time of execution of the process of IR decreased by 80%. A big plus."

Global HealthCare Provider


"Incident Response is a market that DFLabs is well positioned to serve with its long history and expertise. IncMan offering is designed 'by practitioners for practitioners’ and has all the technical foundations of a solid product."

Javvad Malik
Senior Analyst, Enterprise Security Practice, 451 Research

One Single Pane of Glass for your SOC and CSIRT Orchestration

We know that reducing the complexity of Cyber Security Incidents and Data Breaches with a single management platform results in dramatically enhanced reaction and resolution timeframes.In other words: Cyber Incidents Under Control


IncMan NG is highly customizable by the customer. User will not need us to map IncMan into their existing process. Records, Dashboards, Workflows and Intelligence can be tuned according to the customer requirements.


We support Incident Artifact Sharing within the GOV and MIL CERT Community.

Financial Services
Financial Services

We are FS-ISAC Affiliate Member. Providing Incident Intelligence to the FS World.


Prevent and Manage Incidents and Data Breaches. Avoid Legal and Risk Exposure.


Streamline your Incident Response collaborative process with DFLabs IncMan NG


Provide Incident Management Services based upon our Platform and Partner Program.

Retail Industry
Retail Industry

Respond to Cyber Incidents and Data Breach. Keep your Business Safe. Be Compliant.

Cyber Security Scenarios

Cyber Security Scenarios, such as Data Breach and Cyber Security Incidents, cannot be avoided. However, they can be effectively mitigated.

  • React fast! Reduce reaction time by cutting through the noise generated by existing security devices such as SIEMs;

  • Be compliant! Show that the organisation has taken all appropriate steps to deal with an incident and due diligence in handling it is ensured;

  • Share knowledge! Selectively share intelligence with the rest of the world in a controlled and effective way.

  • IncMan shares intelligence via a secure approach and also provides you with access to an advanced knowledge base, which can support you in promptly finding applicable information for swift incident resolution as well as root cause analysis.

  • We know that reducing the complexity of Cyber Security Incidents and Data Breaches with a single management platform and with the appropriate consulting and services results in dramatically enhanced reaction and resolution time-frames.

  • Financial Services: Enable your Security Operations and C-Level Management to take control of Cyber Incidents in every moment. Keep control of your legal exposure, risks and damage. Share your artifact anonimously with your peers (i.e. FS-ISAC).

  • GOV:  enable collaborative and automated real-time incident management as well as threat and breach response. Also, share intelligence with National CERT's and predict future incidents.

  • HealthCare: Streamline your cyber incident and data breach management. Automate response and compliance with dashboards and reports.  Support due diligence with senior management and the board, including Auditors and Regulatory Authorities.

  • Industries: Guarantee your Security Operations and CSIRT the possibility of keeping track of any type of Cyber Incidents. Keep track of any action. Be Compliant and protect your assets.


In other words: Cyber Incidents Under Control