CSIRT
CSIRT
Many large organizations have a Computer Security Incident
Response Team (CSIRT) to receive, review, and respond to computer
security incident reports, as shown in Figure 1. The primary mission of
CSIRT is to help ensure company, system, and data preservation by
performing comprehensive investigations into computer security
incidents. To prevent security incidents, Cisco CSIRT provides proactive
threat assessment, mitigation planning, incident trend analysis, and
security architecture review, as shown in Figure 2.
Cisco’s CSIRT collaborates with Forum of Incident Response and Security Teams (FIRST), the National Safety Information Exchange (NSIE), the Defense Security Information Exchange (DSIE), and the DNS Operations Analysis and Research Center (DNS-OARC).
There are national and public CSIRT organizations like the CERT Division of the Software Engineering Institute at Carnegie Mellon University, that are available to help organizations, and national CSIRTs, develop, operate, and improve their incident management capabilities.
Cisco’s CSIRT collaborates with Forum of Incident Response and Security Teams (FIRST), the National Safety Information Exchange (NSIE), the Defense Security Information Exchange (DSIE), and the DNS Operations Analysis and Research Center (DNS-OARC).
There are national and public CSIRT organizations like the CERT Division of the Software Engineering Institute at Carnegie Mellon University, that are available to help organizations, and national CSIRTs, develop, operate, and improve their incident management capabilities.
No comments: