Security Incidents mailing list archives

Re: Need Incident Handling Process Framework


From: Yuri Demchenko <demch () terena nl>
Date: Fri, 09 Nov 2001 21:40:00 +0100

There is a Trans-European activity on CSIRT coordination (TF-CSIRT) that
is also developing a common Incident response framework based on IODEF
(Incident Object Description and Exchange Format), RFC3067.

All information is available at the TF-CSIRT and IODEF WG webpages
http://www.terena.nl/task-forces/tf-csirt/
http://www.terena.nl/task-forces/tf-csirt/iodef/

And more is coming with Extended Incident Handling BOF (inch) to take
place at IETF52 on Monday 13.00-15.00 December 10, 2001
http://www.terena.nl/task-forces/tf-csirt/inch/inch-bof-ietf52-draft.txt

Yuri

J Jewitt wrote:

   Hi all,

   I'm looking for a source for boilerplate incident
response policies, plans, forms, checklists, etc. The
whole package.
   I work for a global company and I am responsible
for incidents occurring in North and South America,
and I'd like to have a nice, clean process.
   I have looked at "Incident Response" (O'Reilly) and
"Incident Response: Investigating Computer Crime"
(Mandia & Prosise) as well as some CERT and SANS
course materials.
   If someone knows of a resource, or would care to
send me sanitized versions of their framework, it
would be of benefit to anyone on the list wishing to
normalize their incident response process.

       thanks!
         J

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

-- 
-----------------------------------------------------------------------
Yuri Demchenko, TERENA, Singel 468D, 1017 AW Amsterdam, The Netherlands 
Tel: +31 20 530 4488  Fax: +31 20 530 4499  E-mail: demchenko () terena nl
-----------------------------------------------------------------------
