Security Watch

Sunday, November 23, 2008

Incident Response References

Tips for examining a suspect server to decide whether to escalate for formal incident response

Incident Questionnaire for Responders

Windows Intrusion Discovery

Linux Intrusion Discovery: 1, 2

Building Incident Response Plan

Incident Calcification mindmap

Incident Handling and Response - 147 Resources

What not to do when reporting an incident

Security Incident Rating

The big picture of security incident cycle

ENISA Practice Guide for Incident Management

ENISA, A step by step approach on how to setup a CSIRT

NIST 800-61, Incident Handling Guide

RFC 2350, Expectations for Computer Security Incident Response

Incident Handler's book, SANS Reading Room

Incident Response Recommendations

Tools:
Clearinghouse for Incident Handling Tools


Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest

No comments:

Post a Comment

Newer Post Older Post Home
Subscribe to: Post Comments (Atom)

About Me

Unknown
View my complete profile

Subscribe To

Posts
Atom
Posts
Comments
Atom
Comments

My Blog List

  • SANS Internet Storm Center, InfoCON: green
    Doc & RTF Malicious Document, (Mon, Jan 18th)
    9 hours ago
  • Didier Stevens
    Update: Python Templates Version 0.0.4
    16 hours ago
  • Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
    From "The Underground" With Love - A Compilation of Cybercrime Underground Chatter Referencing My Research
    4 days ago
  • extraexploit
    extraexploit memories
    8 years ago
  • CIP VIGILANCE
    The Middle East Joins the SCADA / ICS Standards Foray
    8 years ago

Blog Archive

  • Feb (1)
  • Nov (1)
  • Oct (1)
  • Jun (1)
  • May (1)
  • Mar (7)
  • Feb (8)
  • Jan (8)
  • Dec (12)
  • Nov (8)
  • Oct (14)
  • Sep (17)
  • Aug (11)
  • Jul (6)
  • Jun (15)
  • May (12)
  • Apr (12)
  • Mar (9)
  • Feb (12)
  • Jan (16)
  • Dec (10)
  • Nov (9)

Search This Blog
Awesome Inc. theme. Powered by Blogger.