Public Resource
There are absolutely free resources for incident
management and have the following advantages.
- They are inexpensive or free.
- They are a resource to a large number of entities making
them knowledgeable on the statistics of incidents. This
gives them a global scope of the problem making it easier
to point to the origination of the incident.
- Advisories are across the board to all who subscribe helping
to solve the problem quickly on a global scale.
Disadvantages of a Public Resource are as follows.
- They are not specific to your infrastructure needs. They
do not provide hands on site assistance to solve your incident.
- The incident teams are publicly and privately funded.
The question of whether or not to deploy an incident team
is up to the funder.
The most widely recognized Public Resources for incident
response is Carnegie Mellon's CERT. This is a publicly funded
organization through the Department of Defense. CERT/CC is
Computer Emergency Response Team Coordination Center. Every
incident has a CERT number in a database maintained by CERT.
Another Public Resource is the Forum of Incident Response
and Security Teams (FIRST). This is a conglomeration of several
Incident Response Teams representing specific industries and
entities. Follow the link below to the list of IRT's associated
with FIRST.
FIRST members
|
Computer
Forensics 
Network
Security