Security Incidents mailing list archives

Re: Need Incident Handling Process Framework


From: H C <keydet89 () yahoo com>
Date: Fri, 9 Nov 2001 11:48:44 -0800 (PST)

J,

It looks to me as if you've gone to all the right
places and seen a lot of very good material.  I think
that perhaps now, I don't really understand what it is
you're looking for.

The sites you've visited, and the books you've
reviewed, provide an excellent overview of what is
involved in an incident response policy and process.

Given that security must be tailored to the
infrastructure, one would think at this point all
that's left is for you to sit down and put pen to
paper, as it were.

You've got to start somewhere...so take what you've
already looked at and tailor it to suit your needs. 
None of us in this list can do it for you (which is
what you seem to be asking for), as none of us are
aware of the technical or political issues inherent in
your organization.

Why don't you do this...produce the policy,
process/procedure and forms yourself.  Then, if you
like, post them for review, suggestions, etc.  Sound
good?

   I'm looking for a source for boilerplate incident
response policies, plans, forms, checklists, etc. The
whole package.
   I work for a global company and I am responsible
for incidents occurring in North and South America,
and I'd like to have a nice, clean process.
   I have looked at "Incident Response" (O'Reilly) and
"Incident Response: Investigating Computer Crime"
(Mandia & Prosise) as well as some CERT and SANS
course materials.
   If someone knows of a resource, or would care to
send me sanitized versions of their framework, it
would be of benefit to anyone on the list wishing to
normalize their incident response process.




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

