This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Incident Response Project"

From OWASP
Jump to: navigation, search
m
m (What is the OWASP Incident Response Project?)
Line 24: Line 24:
 
The OWASP Incident Response Project provides:
 
The OWASP Incident Response Project provides:
  
* The next level of information based on the work of  [http://www.proactiverisk.com/wp-content/uploads/2015/06/IR-Guidance.pdf PROACTIVE recommendations]
+
Fundamental principals for a incident response program
* Helpful checklist of what you can do AFTER a breach
 
* Basic Incident Response Training
 
* Best practices to lock down the OS and application to be proactive
 
  
 
== Presentation ==
 
== Presentation ==

Revision as of 04:54, 3 December 2015

OWASP Project Header.jpg

OWASP Incident Response Project

The OWASP Incident Response Project is a proactive set of recommendations for organizations to use as a best practice for for building a proactive incident response program

Description

This project is a guide of suggested best practices for stand-alone IR of a web application on dedicated hardware that you have 100% access to as well as when the application is part of a cloud service offering. The goal is to provide a best practices checklist that can be used to ensure chain of custody and to assist with investigations of root-cause.

Licensing

The OWASP Incident Response Project is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


What is the OWASP Incident Response Project?

The OWASP Incident Response Project provides:

Fundamental principals for a incident response program

Presentation

More Coming at AppSecUSA 2015 join us!

Project Leader

Tom Brennan

Yolanda Baker

Related Projects

OWASP Top 10

OWASP Cheat Sheets

OWASP Mod_Security CRS

Web Hacking Incident Database


Quick Download

  • Check Back Soon

News and Events

In Print

This project WILL be available as a publication when released.

Classifications

Owasp-incubator-trans-85.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files DOC.jpg
Q1 Will this project help me respond to a computer security breach
A1 Yes, we are providing a sample IR plan and related reference materials to get started review this Top Considerations
Q2 Is there a googledoc associated with this project or a wiki page?
A2 Yes with your @owasp.org email address you can access the google docs page click here

Volunteers

Incident Response Project is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • Tom Brennan, ProactiveRISK
  • <insert your name>
  • <insert your name>
  • <insert your name>
  • <insert your name>

Want to help? Get in touch with us

Others

  • OWASP NYC Metro Chapter

Involvement in the development and promotion of OWASP Incident Response Project is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • Proof Reading
  • Graphic Design
  • Conduct Industry Survey
  • <insert your idea>
PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP Incident Response Project (home page)
Purpose: OWASP Incident Response Project will provide users with a current set of tools and best practices for dealing with a hacked web application.
License: Creative Commons Attribution ShareAlike 3.0 License (best for documentation projects)
who is working on this project?
Project Leader(s):
  • Tom Brennan @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Tom Brennan @ to contribute to this project
  • Contact Tom Brennan @ to review or sponsor this project
current release
Not Yet Published
last reviewed release
Not Yet Reviewed


other releases