Main Menu
Online Incident Reporting
CSIRT Development

CSIRT Training
The following organizations provide a variety of training targeted specifically to CSIRTs including development, design, implementation and operations
CSIRT Reporting an Incident
Security incidents may arise at any time. Attacks are often launched during non-business hours in an attempt to maximize the potential damage.
CSIRT provides 24x7 Computer Security
Incident Response Services to any user, company, government agency
or organization. CSIRT provides a reliable and trusted single point of
contact for reporting computer security incidents
worldwide.
--- To
Report An Incident - Click on the link below ---
Report
an Incident to CSIRT
![]() |
CSIRT Tel: 1-301-275-4433 - 24x7 Incident Response: csirt@csirt.org |
Definition of an Incident
An event which changes the security posture of an organization or circumvents security polices developed to prevent financial loss and/or the destruction, theft, or compromise of proprietary information. Also, an event investigated by an organization due to unusual activity, that cannot be explained as a consequence of normal operations.
Some possible classifications for security incidents are:
- Unauthorized Electronic Monitoring
- Misuse of Systems (internal or external)
- Website Defacement. Probe/Scan
- Denial of Service. Distributed Denial of Service
- Malicious Code (virus, worm)
- Intrusion/Hack
- Virus Attacks (Unable to clean, rename, or delete)
- Denial of Service Attacks
- IDS alert notifications (false positives possible)
- Automated scanning tools and probes
- External/Internal threats (espionage)
- Unauthorized accesses to information systems
- Theft of intellectual property
- Extortion
Checklist Doc's
- The Intruder Detection Checklist
- Windows NT Intruder Detection Checklist
- Steps for Recovering from a UNIX or NT System Compromise
- UNIX Root Compromise
- The UNIX Configuration Guidelines
Incident Info from other Organizations
- Incidents.org - SANS Institute
- Dshield.org
- MyNetwatchman.com
- ARIS - Securityfocus.com
Incident Response
Security News Updates
Threat Assessments
InfoCon 1: Peacetime
InfoCon 2: Heightened alert
InfoCon 3: Full alert
InfoCon 4: Internet Meltdown
Security Bulletins
Daily and weekly summaries of security issues and new vulnerabilities.