[dssa] CSIRT Stuff / framework
Hi, A while back, I was working on trying to develop a solution to address global CSIRT concerns, but in the slide show describes the various CERTs the way I see it. There are different type of CSIRTs Coordination Center CSIRT *Responsible for assessingsecurity incidents and coordinating information disseminationwith other CSIRTs Internal CSIRT *Responsible for full spectrum security incident remediationwithin the organization (incident management operations framework) Vendor CSIRT *Responsible for security incident remediationwithin a product or service Analysis Centers CSIRT *Trend and pattern analysis by subject matter (DNS, spam, phishing, etc...) Have a look, let me know what you think. Jack Attachment:
CIRA CSIRT Registry Authority v1.5.pdf
|