This structure ensures that security assurance activities are integrated into the Secure Development Lifecycle (SDL). Instead it is part of the organization’s broader secure engineering initiative. IntroductionĪ Product Security Incident Response Team (PSIRT) is an entity within an organization which, at its core, focuses on the identification, assessment and disposition of the risks associated with security vulnerabilities within the products, including offerings, solutions, components and/or services which an organization produces and/or sells.Ī properly deployed PSIRT is not an independently operating group, disconnected from the development of the organization’s products. The Frameworks seek to assist security incident response teams (SIRTs) by identifying core responsibilities, providing guidance on how to build capabilities to meet those responsibilities and offering insights on how teams can add and communicate value to their larger organizations. In this way, teams are free to implement their own model and to build capabilities that meet their stakeholder’s unique needs. The Frameworks are guides and identify various models, capabilities, services, and outcomes. The Frameworks exist to assist organizations in building, maintaining, and growing capabilities of their CSIRTs or PSIRTs. The development of the frameworks is driven by the Education Advisory Board. The two documents will be aligned, highlighting the many similarities shared. It was thus decided to create a separate document covering PSIRTs. In the creation of the CSIRT Services Framework it became clear that PSIRTs do provide quite different services and typically operate in quite different environments. However today they are used in a much wider scope, for example when defining an initial service catalogue for new teams. These documents were intended to provide a foundation for the development of new training material. FIRST strives to include feedback from all sectors, including CSIRTs with a national responsibility, private sector CSIRTs and PSIRTs as well as other stakeholders. They are developed by recognized experts from the FIRST community. The Services Frameworks are high level documents detailing possible services that computer incident response teams (CSIRTs) and product incident response teams (PSIRTs) may provide.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |