IETF INCH Working Group Meeting
Software Engineering Institute
Computer security incidents occur across administrative domains, often spanning different organizations and national borders. Therefore, the free exchange of incident information and statistics among involved parties and the responsible Computer Security Incident Response Teams (CSIRTs) is crucial for both reactionary analysis of current intruder activity and proactive identification of trends that can lead to incident prevention.
The purpose of the Incident Handling (INCH) working group is to define a data format for exchanging security incident information used by a CSIRT.