This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Front Range OWASP Conference 2013/Presentations/CSIRP

Revision as of 17:41, 11 June 2013 by Jess Garrett (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Crafting a Plan for When Security Fails

A computer security incident, whether an exposed system with protected data or a hacked application, requires a planned response to quickly address and contain the threat. We exist in a world where having a plan is a necessity. Companies in various industries possess vast amounts of regulated and confidential data; this arrangement places a great amount of responsibility on the custodian. Unfortunately, in today's world, it is almost inevitable that you will be the target of an attack or mishandle data that may cause a potential exposure. Do you have a codified plan that helps guide your response?

CSIRPs are robust documents that are difficult to create. Developing a CSIRP that takes into account organizational culture and existing structure, creates buy-in from various departments, and is applicable in a wide array of emerging and existing threats while balancing substance and brevity may be a herculean task.

This presentation will provide the basis for the need for a CSIRP, discuss pitfalls and strategies when crafting CSIRPs, explore common ways they fail, and offer tips to create a healthy, viable, and useful process to use when confronting a computer security incident.

This presentation is geared towards those wishing to learn more about creating a viable computer security incident response plan (CSIRP).

Slides Video