Resources
Location:
Defining Incident Management Processes for CSIRTs: A Work in Progress

Defining Incident Management Processes for CSIRTs: A Work in Progress

Title:Defining Incident Management Processes for CSIRTs: A Work in Progress (ID: CSD3849)
Author(s):Christopher Alberts (Carnegie Mellon University), Georgia Killcrece (Carnegie Mellon University), Robin Ruefle (Carnegie Mellon University) and Mark Zajicek (Carnegie Mellon University)
Topics:Cybersecurity, Incident Handling and Response, Security Management, Security Planning
Source:Carnegie Mellon Software Engineering Institute
Origin:Community Contributions (2003)
Type:Articles, Papers, and Reports
Abstract:This report presents a prototype best practice model for performing incident management processes and functions. It defines the model through five high-level incident management processes: Prepare/Sustain/Improve, Protect Infrastructure, Detect Events, Triage Events, and Respond. Workflow diagrams and descriptions are provided for each of these processes.
View this resource:
[Off site]
 |  |  | 
Bookmark/Search this page with:
   del.icio.us   Digg   Google   Yahoo   Technorati Stumbleupon Facebook Twitter

 
© Copyright 1999-2009 EDUCAUSE
  Unless otherwise noted, EDUCAUSE holds the copyright on all materials published by the association, whether in print or electronic form. In certain cases the work remains the intellectual property of the individual author(s) (see Special Circumstances). Content from conference speeches, presentations, blogs, wikis and feeds reflect the opinions of the author, and not necessarily those of EDUCAUSE or its members.