This content is archived. Information displayed here should not be considered up to date or valid anymore.

FIRST Security Reference Index

Also maintained by FIRST: the FIRST Best Practice Guide Library

The below list features common reference points for security best practices. This is not meant to be a definitive list but rather a way to present best practice web sites that have been helpful to the FIRST community.

Note: The Security Reference Index is based on references submitted by FIRST members.

FIRST members are strongly encouraged to click here if they know of possible additions to this page.

Best Practices and Documentation

Caida Presentations

CERT Coordination Center

Center for Internet Security Benchmarking tools

ThaiCERT Threat Group Cards

ENISA CSIRT Services

ENISA CSIRT Setting Up Guide

GDPR

JANET

OWASP Guide to Building Secure Web Applications

Microsoft Security Guidance Center

NIST Guide on Computer Security Incident Handling

ENISA/CERT Polska - Proactive detection of incidents

ENISA Solutions for Improving Threat Data Exchange among CERTs

SANS Reading Room

ETSI Information Security: Key Performance Indicators

The NCS Guide 2021

Géant Best Practices for DDoS Mitigation Strategies

Standards

RFC 2350 - Expectations for Computer Security Incident Response

RFC 2196 - Site Security Handbook

RFC 2827 - Network Ingress Filtering

RFC 2504 - Users' Security Handbook

Common community tools

Malware Information Sharing Platform (MISP)

Collaborative Research Into Threats (CRITS)

Collective Intelligence Framework (CIF)

Google Rapid Response (GRR)

Autopsy and the Sleuth Kit

Cuckoo Sandbox

Honeyspider

Volatility

OSSEC

osquery

Trusted Introducer

TF-CSIRT

APCERT

AfricaCERT

Organization of the Islamic Cooperation - CERTs

Global Forum on Cyber Expertise – CSIRT Maturity Initiative

OASIS Cyber Threat Intelligence

OECD Guidance for Improving the Comparability of Statistics Produced by Computer Security Incident Response Teams (CSIRT)

IGF Best Practices Forum on Establishing Incident Response Teams for Internet Security

Acknowledgement

This is a collaborative effort from the FIRST community - moderated by Gavin Reid. Thanks for all the great suggestion and feedback.