Re: Incident Playbook Examples

[Dennis Bolton <bolton () OAKLAND EDU>]

Here is another link to some resources with direct download:

https://library.educause.edu/resources/2019/10/national-student-clearinghouse-playbooks?utm_source=Selligent&utm_medium=email&utm_campaign=sec_newsletter&utm_content=06-30-2020&utm_term=Incident+Response+Playbooks_&m_i=_ybR7VuS_ssm9LER8%2B963WVIJHP_gjUyJrnHd1AHKh4QbPYVPJOGj8tQXvH2yKWy1n7CirzWtMncytaXQ30T39MuS0_xJ4I__a&M_BT=21888701321
Dennis Bolton
Information Security Officer
Oakland University
Dodge Hall Rm 220
118 Library Drive
Rochester, MI 48309-4401
248-370-4803


On Tue, Sep 22, 2020 at 10:00 AM randy <marchany () vt edu> wrote:

> Societe Generale put out a set of IR playbook/checklists back in 2016 for
> a wide variety of attacks. It's free and at
> https://github.com/certsocietegenerale/IRM/tree/18a5abb20bd00072ec170cbca891d247f836682d
> or Google for "societe generale incident response methodology" to find the
> github site. I found it very useful as a starting point for our CIRT team.
>
> -Randy Marchany
> VA Tech IT Security Office and Lab
>
> On Tue, Sep 22, 2020 at 9:47 AM Jeremy Livingston <jeremy () njedge net>
> wrote:
>
> > All,
> >
> > Some of the Universities that I work with are ready to begin developing
> > Incident playbooks for some of the more common types of attacks they're
> > likely to face.
> >
> > I thought I had seen some examples from NIST or another source in the
> > past but can't locate them now.  Anyone know of good examples that we could
> > use as a starting point for these playbooks? (or do you have some you'd be
> > willing to share?)
> >
> >
> >
> > Thanks!
> >
> > *Jeremy M. Livingston*
> > Associate Vice President, Security Solutions Development & Chief
> > Information Security Officer
> > NJEdge <https://njedge.net/>
> > Jeremy () NJEdge net
> > 1-973-985-4996 (m)
> >
> >
> > **********
> > Replies to EDUCAUSE Community Group emails are sent to the entire
> > community list. If you want to reply only to the person who sent the
> > message, copy and paste their email address and forward the email reply.
> > Additional participation and subscription information can be found at
> > https://www.educause.edu/community
> **********
> Replies to EDUCAUSE Community Group emails are sent to the entire
> community list. If you want to reply only to the person who sent the
> message, copy and paste their email address and forward the email reply.
> Additional participation and subscription information can be found at
> https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community