Statements (49)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:organization
|
| gptkbp:alsoKnownAs |
gptkb:IRT
gptkb:CSIRT Computer Security Incident Response Team |
| gptkbp:collaboratesWith |
gptkb:law_enforcement
regulatory bodies external vendors other organizations' IRTs |
| gptkbp:establishedBy |
gptkb:government_agency
educational institutions organizations private companies |
| gptkbp:function |
analyze security events
contain security incidents coordinate with law enforcement detect security breaches eradicate threats recover from incidents report incidents to management |
| gptkbp:goal |
minimize impact of incidents
prevent future incidents restore normal operations |
| https://www.w3.org/2000/01/rdf-schema#label |
Incident Response Team
|
| gptkbp:mayInclude |
gptkb:Security_Operations_Center
IT department |
| gptkbp:members |
security analysts
legal advisors IT staff communications staff management representatives |
| gptkbp:purpose |
respond to security incidents
|
| gptkbp:relatedTo |
gptkb:NIST_SP_800-61
gptkb:SANS_Incident_Handler's_Handbook cybersecurity information security incident management |
| gptkbp:requires |
training
communication protocols forensic tools access to logs incident response policy tools for detection and analysis |
| gptkbp:responsibleFor |
forensic analysis
post-incident review incident response plan communication during incidents |
| gptkbp:bfsParent |
gptkb:Safety_Service_Patrol
gptkb:Computer_Security_Incident_Response_Team |
| gptkbp:bfsLayer |
6
|