FIRST Special Interest Groups (SIG)

In June 2023, attendees at the 35th Annual FIRST Conference, in Montréal, Canada got a first-look preview of the new version of the Common Vulnerability Scoring System (CVSS), version 4.0. After two month of public comment followed by two months of addressing those comments, FIRST is proud to announce the official publication of CVSS version 4.0.

ICASI – the Industry Consortium for Advancement of Security on the Internet was officially integrated into the Forum of Incident Response and Security Teams (FIRST) on May 28, 2021. Established in 2008, ICASI’s purpose was to strengthen the global security landscape by driving excellence and innovation in security response practices; facilitating collaboration among members to analyze, mitigate, and resolve multi-stakeholder, global security challenges. This role will continue but as part of the existing FIRST PSIRT SIG, expand and improve the community’s ability to respond to vulnerabilities across multiple vendors. Founded in 1990, FIRST is the global leader in incident response.

A new set of guidelines has been produced by FIRST, in collaboration with the National Telecommunications and Information Administration (NTIA). The document is aimed at anyone involved in multi-party vulnerability disclosures – from security researchers to incident response teams. The updated advice (version 1.1) was unveiled earlier this month to address shortcomings in how multiple parties should engage and cooperate during the security vulnerability disclosure process.

July 12th, 2019 - The Forum of Incident Response and Security Teams (FIRST) has published an update of its internationally recognized Common Vulnerability Scoring System (CVSS). CVSS is a common scoring system designed to provide open and universally standard severity ratings of software vulnerabilities for the security community. Used by organizations worldwide, version 3.1 documentation is now available on the FIRST website for members and non-members to reference.

FIRST is pleased to announce the creation of two new Special Interest Groups: PSIRT and Cyber Insurance! The PSIRT SIG is developing learning materials to support the evolution of PSIRTs at all maturity levels, and the Cyber Insurance SIG is coordinating data sharing and providing a feedback mechanism between CERTs and Cyber Insurance organizations.

The Forum of Incident Response and Security Teams has published a formal policy to guide cyber security standardization within its standards groups.

The Forum of Incident Response and Security Teams announces the release of a set of guidelines and norms for vulnerability disclosure that affects multiple parties.

The Forum of Incident Response and Security Teams announces a public request for comments on a draft policy to guide cyber security standardization within its working groups.

The comment period for the "Guidelines and Practices for Multi-Party Vulnerability Coordination", published by the Vulnerability Coordination SIG, was extended to February 28th, 2017. FIRST invites anyone with an interest in this area to review the current draft, available from https://www.first.org/global/sigs/vulnerability-coordination/multiparty, and provide comments for consideration.

FIRST has formed the Red Teaming SIG. Interested participants who are part of an existing Red Team or in the process of forming one should send a request to be added to the mail list to first-sec@first.org

FIRST is considering formation of a Malware Analysis SIG to give members a place to discuss the tools & techniques involved with malware analysis. In order to gauge interest, we'd like interested members to complete the questionnaire found at http://www.first.org/global/sigs/masurvey/