Incident Response Team

GPTKB entity

Statements (49)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | gptkb:organization |
| gptkbp:alsoKnownAs | gptkb:IRT; gptkb:CSIRT; Computer Security Incident Response Team |
| gptkbp:collaboratesWith | gptkb:law_enforcement; regulatory bodies; external vendors; other organizations' IRTs |
| gptkbp:establishedBy | gptkb:government_agency; educational institutions; organizations; private companies |
| gptkbp:function | analyze security events; contain security incidents; coordinate with law enforcement; detect security breaches; eradicate threats; recover from incidents; report incidents to management |
| gptkbp:goal | minimize impact of incidents; prevent future incidents; restore normal operations |
| https://www.w3.org/2000/01/rdf-schema#label | Incident Response Team |
| gptkbp:mayInclude | gptkb:Security_Operations_Center; IT department |
| gptkbp:members | security analysts; legal advisors; IT staff; communications staff; management representatives |
| gptkbp:purpose | respond to security incidents |
| gptkbp:relatedTo | gptkb:NIST_SP_800-61; gptkb:SANS_Incident_Handler's_Handbook; cybersecurity; information security; incident management |
| gptkbp:requires | training; communication protocols; forensic tools; access to logs; incident response policy; tools for detection and analysis |
| gptkbp:responsibleFor | forensic analysis; post-incident review; incident response plan; communication during incidents |
| gptkbp:bfsParent | gptkb:Safety_Service_Patrol; gptkb:Computer_Security_Incident_Response_Team |
| gptkbp:bfsLayer | 6 |