Statements (49)
Predicate | Object |
---|---|
gptkbp:instanceOf |
gptkb:organization
|
gptkbp:alsoKnownAs |
gptkb:IRT
gptkb:CSIRT Computer Security Incident Response Team |
gptkbp:collaboratesWith |
gptkb:law_enforcement
regulatory bodies external vendors other organizations' IRTs |
gptkbp:establishedBy |
gptkb:government_agency
educational institutions organizations private companies |
gptkbp:function |
analyze security events
contain security incidents coordinate with law enforcement detect security breaches eradicate threats recover from incidents report incidents to management |
gptkbp:goal |
minimize impact of incidents
prevent future incidents restore normal operations |
https://www.w3.org/2000/01/rdf-schema#label |
Incident Response Team
|
gptkbp:mayInclude |
gptkb:Security_Operations_Center
IT department |
gptkbp:members |
security analysts
legal advisors IT staff communications staff management representatives |
gptkbp:purpose |
respond to security incidents
|
gptkbp:relatedTo |
gptkb:NIST_SP_800-61
gptkb:SANS_Incident_Handler's_Handbook cybersecurity information security incident management |
gptkbp:requires |
training
communication protocols forensic tools access to logs incident response policy tools for detection and analysis |
gptkbp:responsibleFor |
forensic analysis
post-incident review incident response plan communication during incidents |
gptkbp:bfsParent |
gptkb:Safety_Service_Patrol
gptkb:Computer_Security_Incident_Response_Team |
gptkbp:bfsLayer |
6
|