[Bp_certs] Publicly Accessible Resources on CERTs/CSIRTs

Maarten Van Horenbeeck maarten at first.org
Thu Jul 24 03:37:34 EDT 2014 

Hi everyone,

These are two more documents which are not necessarily guidance on how to
start a CSIRT, but help assess its capability/maturity:

FIRST Site Visit Requirements:
http://www.first.org/membership/site-visit-V1.0.pdf
http://www.first.org/membership/site-visit-v2.0.pdf

Trusted Introducer Security Incident Management Maturity Model:
https://www.trusted-introducer.org/SIM3-mkXV-TI.pdf

They are used to help assess whether a CSIRT meets the requirements to be a
member of FIRST, or to independently gauge the maturity of a CSIRT for
certification in Trusted Introducer respectively.

In 2009, GovCert.nl (now NCSC-NL) of the Netherlands also published
"Cert-in-a-Box" with lessons from setting up GovCert.nl:

http://www.first.org/resources/guides#bp21

One of the older documents on establishing a CSIRT comes from AusCERT in
Australia. This dates back to 1995 but still retains some interesting notes
and personal experience:

http://www.auscert.org.au/render.html?it=2252

Best regards,
Maarten


On Wed, Jul 23, 2014 at 11:55 PM, K2 <comode at gmail.com> wrote:

> Hello All,
>
> This is Keisuke Kamata,
>
> I'd just share some list in my mind.
>
> A. JPCERT/CC publish Japanese version of CSIRT documents.
>     http://www.jpcert.or.jp/csirt_material/
>
> B. Not sure about this but NIST SP800-61Computer Security Incident
> Handling Guide
> http://csrc.nist.gov/publications/nistpubs/800-61rev2/SP800-61rev2.pdf
>
> C. RFC2350: Expectations for Computer Security Incident Response
> http://www.ietf.org/rfc/rfc2350.txt
>
>
>
>
>
> --
> kamata
>
>
> 2014-07-24 14:34 GMT+09:00 Adli Wahid <adli at apnic.net>:
> > Hi Everyone,
> >
> > I mentioned in my previous email about resources or references available
> > out there on planning, creating, managing  CERTs/CSIRTs.
> >
> > 1. Incident Management Publications -
> > http://cert.org/incident-management/publications/index.cfm
> >
> > 2. ENISA repository on CERT/CSIRT -
> > https://www.enisa.europa.eu/activities/cert
> >
> >
> >
> > Do you know if there is anything else out there?  perhaps in different
> > languages that could be added to the list.
> >
> >
> > Best Regards,
> >
> > --
> > Adli Wahid                        email:     adli at apnic.net
> > Security Specialist, APNIC        sip:  adli at voip.apnic.net
> > http://www.apnic.net              phone:    +61 7 3858 3100
> > ___________________________________________________________
> >  * Sent by email to save paper. Print only if necessary.
> >
> >
> >
> > _______________________________________________
> > Bp_certs mailing list
> > Bp_certs at intgovforum.org
> > http://mail.intgovforum.org/mailman/listinfo/bp_certs_intgovforum.org
>
> _______________________________________________
> Bp_certs mailing list
> Bp_certs at intgovforum.org
> http://mail.intgovforum.org/mailman/listinfo/bp_certs_intgovforum.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://intgovforum.org/pipermail/bp_certs_intgovforum.org/attachments/20140724/b6a7bff4/attachment.htm>

More information about the Bp_certs mailing list