This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Incident Response Project"

From OWASP
Jump to: navigation, search
m (Project Leader)
(Related Projects)
 
(76 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 
=Main=
 
=Main=
 +
{{#widget:PayPal Donation
 +
|target=_blank
 +
|budget=OWASP_Incident_Response_Project
 +
}} 
 +
  
 
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>
 
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>
  
 
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |
+
| valign="top" style="border-right: 1px dotted gray;padding-right:25px;" |
 
 
==OWASP Incident Response Project==
 
 
 
The OWASP Incident Response Project will provide users with a current set of tools and best practices for dealing with a hacked web application.
 
  
 +
==OWASP Top 10 Guidance for Incident Response==
  
==Introduction==
+
==Audience==
  
You just learned that your company website has been HACKED now what do you do?
+
Breaches happen every day as you learn about them in the news. Is your business prepared? This project provides a proactive approach to Incident Response planning. The intended audience of this document includes business owners to security engineers, developers, audit, program managers, law enforcement & legal council. This guidance should be considered when building a comprehensive approach. This guidance intends to guide the reader on topics that need to be part of the plan in your organization, this includes those responsible for managing the business and technical risk of the entire organization.
 
 
==Description==
 
 
 
This project is a guide of suggested best practices for stand-alone IR of a web application on dedicated hardware that you have 100% access to as well as when the application is part of a cloud service offering. The goal is to provide a best practices checklist that can be used to ensure chain of custody and to assist with investigations of root-cause.
 
  
 
==Licensing==
 
==Licensing==
The OWASP Incident Response Project is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
 
  
 +
Creative Commons Attribution-NonCommercial-ShareAlike
 +
==Project Sponsor==
 +
OWASP Top 10 Guidance for Incident Response project is sponsored by [http://www.proactiverisk.com ProactiveRISK Inc.].
  
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
+
[[File:Proactiverisk_logo_v2.jpg | link=http://www.proactiverisk.com]]
  
== What is the OWASP Incident Response Project? ==
+
| valign="top" style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
  
The OWASP Incident Response Project provides:
+
== In Print ==
  
* Helpful checklist of what you
+
[https://www.owasp.org/images/9/92/Top10ConsiderationsForIncidentResponse.pdf Version 1.0 .PDF Version]
* Basic Incident Response Training
 
* Best practices to lock down the OS and application to be proactive
 
  
 
== Presentation ==
 
== Presentation ==
  
Link to presentation
+
[https://www.owasp.org/images/b/bd/IR_Top_10_Considerations_-_Slides-v2.pdf Slides]
  
 +
== Project Leader ==
  
 +
[https://www.owasp.org/index.php/User:Brennan Tom Brennan] [http://www.twitter.com/brennantom @brennantom]
  
 +
== Version 2.0 ==
 +
Want to help out and make this project BETTER?  Add your comments here
 +
[https://docs.google.com/document/d/1TbIwFW_Z1d7jhnQL9vkdBzFtRC1lmHp9JpTXYXyN58A/edit?usp=sharing Version 2.0 GoogleDocs - Add Comments]
  
== Project Leader ==
+
== Related Projects ==
 
 
[https://www.owasp.org/index.php/User:Brennan Tom Brennan]
 
  
== Related Projects ==
+
[https://www.owasp.org/index.php/OWASP_Anti-Ransomware_Guide_Project OWASP Randsomware]
  
 
[https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top 10]
 
[https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project OWASP Top 10]
Line 54: Line 55:
 
[https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project Web Hacking Incident Database]
 
[https://www.owasp.org/index.php/OWASP_WASC_Web_Hacking_Incidents_Database_Project Web Hacking Incident Database]
  
 
+
| valign="top" style="padding-left:25px;width:200px;" |
 
 
| valign="top" style="padding-left:25px;width:200px;" |
 
 
 
== Quick Download ==
 
 
 
* [https://github.com/proactiveRISK/IRTop10 GIT ITTop10]
 
  
 
== News and Events ==
 
== News and Events ==
* Next collaboration session on the topic at the [http://www.meetup.com/OWASP-NYC/ NYC OWASP Meeting]
+
* Release date 12/7/2015
 
+
* 01/13/2018 NYC Chapter Meeting V2.0
== In Print ==
 
This project WILL be available as a publication when released.
 
  
 
==Classifications==
 
==Classifications==
Line 72: Line 65:
 
   {| width="200" cellpadding="2"
 
   {| width="200" cellpadding="2"
 
   |-
 
   |-
   | align="center" valign="top" width="50%" rowspan="2"| [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
+
   | rowspan="2" align="center" valign="top" width="50%" | [[File:Owasp-incubator-trans-85.png|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
  | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]] 
 
 
   |-
 
   |-
   | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
+
   | align="center" valign="top" width="50%" | [[File:Owasp-defenders-small.png|link=]]
 
   |-
 
   |-
   | colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
+
   | colspan="2" align="center" | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
 
   |-
 
   |-
   | colspan="2" align="center" | [[File:Project_Type_Files_DOC.jpg|link=]]
+
   | colspan="2" align="center" | [[File:Project_Type_Files_DOC.jpg|link=]]
 
   |}
 
   |}
  
 
|}
 
|}
 
=FAQs=
 
 
; Q1 <insert question>
 
: A1 <insert answer>
 
 
; Q2 <insert question>
 
: A2 <insert answer>
 
  
 
= Acknowledgements =
 
= Acknowledgements =
Line 96: Line 80:
 
Incident Response Project is developed by a worldwide team of volunteers. The primary contributors to date have been:
 
Incident Response Project is developed by a worldwide team of volunteers. The primary contributors to date have been:
  
* [https://www.owasp.org/index.php/User:Brennan Tom Brennan]
+
* [https://www.owasp.org/index.php/User:Brennan Tom Brennan], [http://www.proactiverisk.com ProactiveRISK]
* [http://www.linkedin.com/pub/christopher-pogue-msit-cissp-ceh-crea-gcfa-qsa/1/844/614 Chris Pogue]
+
* Jason Jolo, [http://www.proactiverisk.com ProactiveRISK]
* [https://www.owasp.org/index.php/User:Rcbarnett Ryan Barnett]
+
* Jordan Lewis
* [http://sg.linkedin.com/in/wongonnchee Wong Onn Chee]
 
* Marcio Macary
 
*  Melissa Soiefer
 
*  Tarek Marji
 
* <insert your name>
 
* <insert your name>
 
* <insert your name>
 
 
* <insert your name>
 
* <insert your name>
 
* <insert your name>
 
* <insert your name>
Line 112: Line 89:
  
 
==Others==
 
==Others==
* xxx
+
* OWASP NYC Metro Chapter
* xxx
 
  
 
= Road Map and Getting Involved =
 
= Road Map and Getting Involved =
As of 9-April-2014, the priorities are:
+
Involvement in the development and promotion of OWASP Incident Response Project is actively encouraged!
* Collect materials in the public domain and list them as reference points.
 
* Review existing materials and extract the Top 10 most important things for common common enviorments
 
* [https://docs.google.com/a/proactiverisk.com/document/d/1c0jUaz34XZwUdnrImVqxkjKM1fl-oRb0uZPe1aKSB1Q/edit?usp=sharing Draft v1.0 of the guide]
 
 
 
Involvement in the development and promotion of OWASP Incident Response Project is actively encouraged!
 
 
You do not have to be a security expert in order to contribute.
 
You do not have to be a security expert in order to contribute.
 
Some of the ways you can help:
 
Some of the ways you can help:
 +
 
* Proof Reading
 
* Proof Reading
 
* Graphic Design
 
* Graphic Design
 
* Conduct Industry Survey
 
* Conduct Industry Survey
 +
* Educate local communities
 +
*  list of open-source IR tools
 
* <insert your idea>
 
* <insert your idea>
  
Line 132: Line 106:
 
{{:Projects/OWASP_Incident_Response_Project}}   
 
{{:Projects/OWASP_Incident_Response_Project}}   
  
__NOTOC__ <headertabs />  
+
__NOTOC__ <headertabs></headertabs>  
  
[[Category:OWASP Project]]  [[Category:OWASP_Builders]] [[Category:OWASP_Defenders]]  [[Category:OWASP_Document]]
+
[[Category:OWASP Project]]   
 +
[[Category:OWASP_Builders]]  
 +
[[Category:OWASP_Defenders]]   
 +
[[Category:OWASP_Document]]

Latest revision as of 01:54, 23 January 2018


OWASP Project Header.jpg

OWASP Top 10 Guidance for Incident Response

Audience

Breaches happen every day as you learn about them in the news. Is your business prepared? This project provides a proactive approach to Incident Response planning. The intended audience of this document includes business owners to security engineers, developers, audit, program managers, law enforcement & legal council. This guidance should be considered when building a comprehensive approach. This guidance intends to guide the reader on topics that need to be part of the plan in your organization, this includes those responsible for managing the business and technical risk of the entire organization.

Licensing

Creative Commons Attribution-NonCommercial-ShareAlike

Project Sponsor

OWASP Top 10 Guidance for Incident Response project is sponsored by ProactiveRISK Inc..

Proactiverisk logo v2.jpg

In Print

Version 1.0 .PDF Version

Presentation

Slides

Project Leader

Tom Brennan @brennantom

Version 2.0

Want to help out and make this project BETTER? Add your comments here Version 2.0 GoogleDocs - Add Comments

Related Projects

OWASP Randsomware

OWASP Top 10

OWASP Cheat Sheets

OWASP Mod_Security CRS

Web Hacking Incident Database

News and Events

  • Release date 12/7/2015
  • 01/13/2018 NYC Chapter Meeting V2.0

Classifications

Owasp-incubator-trans-85.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files DOC.jpg

Volunteers

Incident Response Project is developed by a worldwide team of volunteers. The primary contributors to date have been:

Want to help? Get in touch with us

Others

  • OWASP NYC Metro Chapter

Involvement in the development and promotion of OWASP Incident Response Project is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • Proof Reading
  • Graphic Design
  • Conduct Industry Survey
  • Educate local communities
  • list of open-source IR tools
  • <insert your idea>
PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Incident Response Project (home page)
Purpose: OWASP Incident Response Project will provide users with a current set of tools and best practices for dealing with a hacked web application.
License: Creative Commons Attribution ShareAlike 3.0 License (best for documentation projects)
who is working on this project?
Project Leader(s):
  • Tom Brennan @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Tom Brennan @ to contribute to this project
  • Contact Tom Brennan @ to review or sponsor this project
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases