Incident Response Templates, Cheat Sheets, and more

Yesterday I put out a call to the Twitterverse looking for Incident Response templates. There were many excellent suggestions so I decided to aggregate them here for future use.

Good start:
http://www.zeltser.com/network-os-security/security-incident-questionnaire-cheat-sheet.html
http://www.zeltser.com/network-os-security/security-incident-survey-cheat-sheet.html
CIO-level http://www.cio.com/research/security/incident_response.pdf
DDOS related - http://www.zeltser.com/network-os-security/ddos-incident-cheat-sheet.html
Good list - http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,3629.msg19357/topicseen,1/

More depth:
http://www.first.org/resources/guides/
http://csrc.nist.gov/publications/nistpubs/800-61/sp800-61.pdf
Also see NIST Incident Response Templates: NIST SP 800-86, 800-83, 800-61rev1
http://www.sans.org/score/incidentforms/
http://www.sei.cmu.edu/publications/documents/03.reports/03hb002.html
http://labmice.techtarget.com/security/incidentresponse.htm
Digital Forensic Analysis Methodology Flowchart (PDF) http://www.cybercrime.gov/forensics_chart.pdf

Additional (not-IR specific sites):
http://www.cert.org/octave/
http://www.cerias.purdue.edu/tools_and_resources/
http://www.owasp.org/index.php/Main_Page
http://www.uribe100.com/index100.htm

Again, thanks to many in the Twitterverse who contributed: @lennyzeltser @shpantzer @idexperts @mikemurr @jth @cyberlocksmith @indi303 @raydavidson @richardebaker

1 comment:

Administrator said...

http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,3629.msg19848/topicseen,1/#new


I created this thread, it is very useful =)