A critical computer security incident may cause great damage to an organization for example by a confidential data breach or malware pandemic. In order to avoid or mitigate such damage, a quick and accurate response against a computer security incident is becoming more important. In order to realize these quickness and accuracy, this paper presents the Incident Tracking System (ITS) that orchestrates several information systems and automates an initial incident response. The ITS automatically locates and isolates a suspicious host, and sends a mail notification to the person in charge of handling an incident. The ITS can also identify or suggest a user of the suspicious host by network authentication logs or other service logs.------------------------------This is a preprint of an article intended for publication Journal ofInformation Processing(JIP). This preprint should not be cited. Thisarticle should be cited as: Journal of Information Processing Vol.27(2019) (online)DOI　http://dx.doi.org/10.2197/ipsjjip.27.564------------------------------

A critical computer security incident may cause great damage to an organization for example by a confidential data breach or malware pandemic. In order to avoid or mitigate such damage, a quick and accurate response against a computer security incident is becoming more important. In order to realize these quickness and accuracy, this paper presents the Incident Tracking System (ITS) that orchestrates several information systems and automates an initial incident response. The ITS automatically locates and isolates a suspicious host, and sends a mail notification to the person in charge of handling an incident. The ITS can also identify or suggest a user of the suspicious host by network authentication logs or other service logs.------------------------------This is a preprint of an article intended for publication Journal ofInformation Processing(JIP). This preprint should not be cited. Thisarticle should be cited as: Journal of Information Processing Vol.27(2019) (online)DOI　http://dx.doi.org/10.2197/ipsjjip.27.564------------------------------