Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Online Incident Response Management

From: "Ramki B Ramakrishnan" <bramkie () gmail com>
Date: Tue, 22 Jul 2008 18:51:20 +0530
You can also look at Cisco Systems MARS, it has case management.

http://www.cisco.com/go/mars

Ramki
-----
Ramki B. Ramakrishnan
Security Enthusiast
GIAC:GSEC, CvA


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of Gleb Paharenko
Sent: Tuesday, July 15, 2008 1:09 PM
To: Brooks Garrett
Cc: security-basics () securityfocus com
Subject: Re: Online Incident Response Management

Hi.

Netforensics and IBM ISS has Incident management workflows. But in my
opinion the papers signed by
real people usually give much more weight and should duplicate key
things in the incident. It is easier to work
when incident management software can fetch reports from SEIM and
therefore they often shipped together.


2008/7/14 Brooks Garrett <bg () brooksgarrett com>:

I'm looking for a way to bring my Incident Response SOP's online to
better document and control our Incidents. Are you guys currently
using any software for this purpose? I've looked at building a custom
Sharepoint site and also evaluated doing a Wiki. I'm really curious to
see what the rest of the industry is doing, so any input?

--
Thanks!

Brooks Garrett





-- 
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
http://www.linkedin.com/in/gpaharenko
Previous By Date Next
Previous By Thread Next

Current thread: