Operating and Staffing a CSIRT
• Collection
Publisher
Software Engineering Institute
Topic or Tag
Abstract
The resources on this page address practical operational and technical issues that every CSIRT must consider. Below are the resources we provide. Here are a few that are available from other organizations as well:
- Site Security Handbook (RFC 2196) – Internet Engineering Task Force/Network Working Group memo
This handbook offers information about developing computer security policies and procedures for sites that have systems on the Internet. - The SANS Security Policy Project – SANS website
These resources provide information about the rapid development and implementation of information security policies. - The Role of Computer Security Incident Response Teams in the Software Development Life Cycle –
This BSI document discusses the role a CSIRT can play in the Systems Development Life Cycle (SDLC). - Incident Response Career Trends – GovInfoSecurity article
This document provides information about the skills needed today in incident response and describes how professionals can attain or refine those skills.
Collection Items
Incident Management Capability Assessment
• Technical Report
By Audrey J. Dorofee, Robin Ruefle, Mark Zajicek, David McIntire, Samuel J. Perl, Christopher J. Alberts, Carly L. Huth, Pennie Walters
The capabilities presented in this report provide a benchmark of incident management practices.
ReadAn Introduction to the Mission Risk Diagnostic for Incident Management Capabilities (MRD-IMC)
• Technical Note
By Christopher J. Alberts, Audrey J. Dorofee, Robin Ruefle, Mark Zajicek
The Mission Risk Diagnostic for Incident Management Capabilities revises the Incident Management Mission Diagnostic Method with updated and expanded drivers.
ReadFAQ: Collaboration Between the CERT Coordination Center and Computer Security Incident Response Teams Worldwide
• Brochure
By Software Engineering Institute
This FAQ answers questions related to the collaboration between the CERT/CC and CSIRTs worldwide.
Learn MoreState of the Practice of Computer Security Incident Response Teams (CSIRTs)
• Technical Report
By Georgia Killcrece, Klaus-Peter Kossakowski, Robin Ruefle, Mark Zajicek
In this 2003 report, the authors provide a study of the state of the practice of incident response, based on how CSIRTs around the world are operating.
ReadHandbook for Computer Security Incident Response Teams (CSIRTs)
• Handbook
By Moira West Brown, Don Stikvoort, Klaus-Peter Kossakowski, Georgia Killcrece, Robin Ruefle, Mark Zajicek
In this 2003 handbook, the authors describe different organizational models for implementing incident handling capabilities.
ReadCSIRT Services
• White Paper
By Software Engineering Institute
In this paper, the authors define computer security incident response team (CSIRT) services.
ReadPart of a Collection
CSIRT Resources