Post Sat Feb 25, 2006 4:14 pm

New Incident Response Board

There are many different ways to look at incident response. For the purposes of this site we will look at it in the following ways:

  • Does an event qualify as an 'incident' and require a response such as an ethical hack or forensic investigation?
  • What do you do with the information obtained during your ethical hack or forensic investigation?
  • Who else needs to be involved?

This new discussion board will include topics such as writing your incident response policy, creating your CIRT (Computer Incident Response Team), experiences dealing with an incident, tools and techniques utilized, law enforcement and/or legal involvement, lessons learned with subsequent modifications to the policy and more.

I look forward to your participation,
Don
CISSP, MCSE, CSTA, Security+ SME