Security Watch

Sunday, November 23, 2008

Incident Response References

Tips for examining a suspect server to decide whether to escalate for formal incident response

Incident Questionnaire for Responders

Windows Intrusion Discovery

Linux Intrusion Discovery: 1, 2

Building Incident Response Plan

Incident Calcification mindmap

Incident Handling and Response - 147 Resources

What not to do when reporting an incident

Security Incident Rating

The big picture of security incident cycle

ENISA Practice Guide for Incident Management

ENISA, A step by step approach on how to setup a CSIRT

NIST 800-61, Incident Handling Guide

RFC 2350, Expectations for Computer Security Incident Response

Incident Handler's book, SANS Reading Room

Incident Response Recommendations

Tools:
Clearinghouse for Incident Handling Tools


Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

Subscribe To

Posts
Atom
Posts
Comments
Atom
Comments

My Blog List

  • Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
    Dancho Danchev's Blog - Open Call for Blog Contributors and Guest Bloggers
    5 hours ago
  • Didier Stevens
    Update: msoffcrypto-crack.py Version 0.0.4
    1 day ago
  • SANS Internet Storm Center, InfoCON: green
    Rig Exploit Kit Delivering VBScript, (Thu, Sep 12th)
    2 days ago
  • extraexploit
    extraexploit memories
    6 years ago
  • CIP VIGILANCE
    The Middle East Joins the SCADA / ICS Standards Foray
    7 years ago

Blog Archive

  • Feb (1)
  • Nov (1)
  • Oct (1)
  • Jun (1)
  • May (1)
  • Mar (7)
  • Feb (8)
  • Jan (8)
  • Dec (12)
  • Nov (8)
  • Oct (14)
  • Sep (17)
  • Aug (11)
  • Jul (6)
  • Jun (15)
  • May (12)
  • Apr (12)
  • Mar (9)
  • Feb (12)
  • Jan (16)
  • Dec (10)
  • Nov (9)

Search This Blog
Awesome Inc. theme. Powered by Blogger.