• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Cert/csirt

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Security Related Software

View previous topic :: View next topic  
Author Message
georgec
SF Staff
SF Staff


Joined: 15 Nov 2010
Posts: 0


Offline

PostPosted: Thu May 19, 2011 7:51 pm    Post subject: Cert/csirt Reply with quote

What software do you recommend to handle incidents in CERT/CSIRT setups?
Back to top
View user's profile Send private message Visit poster's website
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Fri May 20, 2011 10:12 am    Post subject: Reply with quote

Hi George,

Having worked through getting ISO27001 certification for a financial institution I found its not about the software but about processes and procedures. The software is very dependent on your environment.

Fire Ant
Back to top
View user's profile Send private message
georgec
SF Staff
SF Staff


Joined: 15 Nov 2010
Posts: 0


Offline

PostPosted: Fri May 20, 2011 6:50 pm    Post subject: Reply with quote

Thanks Fire Ant,
It's true that processes and procedures are of utmost importance but my concern is that I might need to interface the system with other CERT's applications in the future!
Back to top
View user's profile Send private message Visit poster's website
Fire Ant
Trusted SF Member
Trusted SF Member


Joined: 27 Jun 2008
Posts: 3
Location: London

Offline

PostPosted: Sun May 22, 2011 4:08 pm    Post subject: Reply with quote

You should certainly have some procedures and guidelines in place when creating an incident response plan. This really does depend on your environment though. You may not need to specify any software, it could be as simple as stating that you will call a qualified forensic/investigative team. It depends how deep you want to go.

Good Luck,

Fire Ant
Back to top
View user's profile Send private message
georgec
SF Staff
SF Staff


Joined: 15 Nov 2010
Posts: 0


Offline

PostPosted: Tue May 24, 2011 9:14 am    Post subject: Reply with quote

Thanks for the feedback. Actually, I am working on a project that coordinates more than one CERT, like having a main point of contact for several CERTs where incidents can be escalated to other CERTs through this unit. Back to my original question: I would need a common incident handling software application that interfaces with the others, at the moment I am visiting each CERT to create a list of products used!
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Security Related Software All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register