NIST SP 800-61

E532554

NIST Special Publication computer security guideline incident response framework

NIST SP 800-61 is a National Institute of Standards and Technology guideline that provides best practices and a framework for computer security incident handling and response.

Try in SPARQL Jump to: Statements Referenced by

Statements (46)

Predicate	Object
instanceOf	NIST Special Publication ⓘ computer security guideline ⓘ incident response framework ⓘ
addresses	communication during incidents ⓘ evidence collection and handling ⓘ legal considerations for incident response ⓘ management aspects of incident response ⓘ technical incident handling ⓘ use of automated tools in incident response ⓘ
appliesTo	federal information systems ⓘ government agencies ⓘ private sector organizations ⓘ
countryOfOrigin	United States of America ⓘ surface form: United States
defines	incident handling process ⓘ incident response life cycle ⓘ
field	computer security ⓘ incident response ⓘ information security ⓘ
focusesOn	containment eradication and recovery ⓘ detection and analysis of incidents ⓘ post-incident activity ⓘ preparation for incidents ⓘ
language	English ⓘ
objective	improve organizational incident response capability ⓘ reduce impact of security incidents ⓘ standardize incident handling practices ⓘ
provides	best practices for incident response ⓘ framework for incident response processes ⓘ guidance on computer security incident handling ⓘ
publisher	National Institute of Standards and Technology NERFINISHED ⓘ
recommends	coordination with external organizations ⓘ defining incident response team structure ⓘ developing incident response plans ⓘ developing incident response policies ⓘ establishing an incident response capability ⓘ incident documentation ⓘ incident metrics and measurement ⓘ incident reporting procedures ⓘ incident response exercises ⓘ training for incident response personnel ⓘ
relatedTo	NIST Risk Management Framework NERFINISHED ⓘ NIST SP 800-53 NERFINISHED ⓘ
title	Computer Security Incident Handling Guide NERFINISHED ⓘ
usedBy	incident response teams ⓘ information security managers ⓘ security operations centers ⓘ

Referenced by (2)

Full triples — surface form annotated when it differs from this entity's canonical label.

Special Publications → hasPart → NIST SP 800-61 ⓘ

NIST SP 800 series → includes → NIST SP 800-61 ⓘ