Difference between revisions of ".NET Incident Response"

From OWASP
Jump to: navigation, search
(Articles & Projects)
Line 23: Line 23:
  
 
===Articles & Projects===
 
===Articles & Projects===
 +
 +
[http://www.csoonline.com/article/220975/Avoiding_a_Meltdown_The_Management_Incident_Response_Team Avoiding a Meltdown: The Management Incident Response Team]
 +
 +
[http://www.windowsecurity.com/whitepapers/Best-Practice-Security-Incident-Response.html Windows Best Practices for Security Incident Response]
 +
 +
[http://www.attackprevention.com/Incident_Handling/Incident_Response_Team/ Incident Response Resources]
 +
 +
[http://wiki.ittoolbox.com/index.php/Guide_to_Integrating_Forensic_Techniques_into_Incident_Response Guide to Integrating Forensic Techniques into Incident Response]
 +
 +
[http://www.first.org/ Forum for Incident Response and Security Teams]
  
 
===References===
 
===References===

Revision as of 21:53, 26 June 2008

Contents

.NET Incident Response

Understanding how to respond to an incident before it occurs is critical to recovering operations. This section contains information for incident response, and specific content for .NET web application and service incident response handling. In addition to traditional logging functions, how do we know if our application, service, database or other software has been exploited.

Areas of Concern

  • Incident Response Plan

As they say, it is not if, it is when you are attacked, what is the plan?

  • Communicating

Who uses your software? How do you communicate the incident to your user base?

  • Activating the plan

How do we know we've been attacked. Applications and services need to be instrumented to provide information specific to functionality within the software. What guidance or tools are needed to provide information to incident response personnel.

  • Containment

Limit the exposure of the incident by isolating the damage.

  • Attack Identification and Severity assignment

Find the origin of the attack. Estimate exposure.

  • Evidence handling best practices
  • Recovery and Continuity

Articles & Projects

Avoiding a Meltdown: The Management Incident Response Team

Windows Best Practices for Security Incident Response

Incident Response Resources

Guide to Integrating Forensic Techniques into Incident Response

Forum for Incident Response and Security Teams

References

Creating a Computer Security Incident Response Team: A Process for Getting Started

Computer Security Incident Response Team FAQ

Handbook for Computer Security Incident Response Teams

Tools