August 8, 2012
It seeks to assist organizations in mitigating the risks
from computer security incidents by providing practical guidelines on
responding to incidents effectively and efficiently. The publication
details guidelines on establishing an effective incident response
program, as well as detecting, analyzing, prioritizing, and handling
incidents, including coordination and information sharing. SP 800-61
Revision 2 updates the previous revision, which was released in 2008. A
detailed change log is provided in Appendix H.
NIST announces the final release of Special Publication (SP) 800-61 Revision 2, Computer Security Incident Handling Guide.
Abstract
Computer security incident response has become an important component of information technology (IT) programs. Because performing incident response effectively is a complex undertaking, establishing a successful incident response capability requires substantial planning and resources.
This publication assists organizations in establishing computer security incident response capabilities and handling incidents efficiently and effectively. This publication provides guidelines for incident handling, particularly for analyzing incident-related data and determining the appropriate response to each incident.
The guidelines can be followed independently of particular hardware platforms, operating systems, protocols, or applications.
No hay comentarios:
Publicar un comentario